Why do I get these Certificate entries are expiring notifications?
-
I am running on 2.7.2-RELEASE, and I have for long, maybe years gotten these notifications, all the time ...
But now I think it is time to get rid of them, maybe anyone here know what they mean?
Well, I understand it say something is expired, but I don't understand how, I have one cert with two renewal methods (manual and auto). None of them expired.
So, I am not that good with certificates, but what do I do to make this right?
But they work, no problem there. -
@Flemmingss
check: System - Certificates - Certificates -
@Tom8 Found this:
Serial: 0 Signature Digest: RSA-SHA256 KU: Digital Signature, Key Encipherment EKU: TLS Web Server Authentication, IP Security IKE Intermediate Key Type: RSA Key Size: 2048 DN: /C=US/ST=State/L=Locality/O=pfSense webConfigurator Self-Signed Certificate/emailAddress=admin@pfSense.localdomain/CN=pfSense-xxx Hash: e5fee5e1 Subject Key ID: xxx Authority Key ID: keyid:xxx DirName:/C=US/ST=State/L=Locality/O=pfSense webConfigurator Self-Signed Certificate/emailAddress=admin@pfSense.localdomain/CN=pfSense-xxx serial:00 Total Lifetime: 2000 days Lifetime Remaining: Expired 286 days agoIs it safe to just remove the first one? Don't know what that is. Looks like some pfsense-autgenerated thing?
-
@Flemmingss
Don´t remove, just renew it.https://forum.netgate.com/topic/171607/webconfigurator-certificate-expiring
-
@Tom8
Thanks, certificates looks good now.
But a one entry below authorities looks expired, do you know what that is?
Serial: xxx Signature Digest: RSA-SHA256 KU: Digital Signature, Certificate Sign, CRL Sign DN: /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 Hash: 4f06f81d Subject Key ID: xxx Authority Key ID: xxx Total Lifetime: 1826 days Lifetime Remaining: Expired 1101 days ago Trust Store: Excludedmaybe I can just delete it as it has zero certs?
-
@Flemmingss
https://forum.netgate.com/topic/161052/let-s-encrypt-certificate-authority-expiring-soon/7