Webgui loads slow over ssl with default certificate in firefox

Quandion · Oct 13, 2014, 4:04 PM

Hi,

When I browse my firewalls with https enabled in firefox it is incredibly slow to load.
As far as I've been able to track this issue is because firefox does not allow the end entity certificate to be a CA certificate.
If I create my own CA and a certificate then there's no issue.
Would it be possible to add a CA and have it sign the webConfigurator default certificate and add this to the install images.

Source:
http://roger.steneteg.org/729/firefox-loading-issues-with-pfsense-web-interface/

Regards Q

jimp · Oct 15, 2014, 6:28 PM

Over the last couple days 2.2 was changed to generate a more proper and unique certificate when creating the GUI cert for the first time, so at least for new/future installs it won't be a problem once 2.2 is out.

Disabling the PKIX verification in Firefox can help but that option may have been removed from the most recently released version of Firefox.

dplat · Oct 31, 2014, 4:24 PM

Hi, I'm running the latest 2.2-BETA (amd64) built on Fri Oct 31 04:59:06 CDT 2014 FreeBSD 10.1-RC4…
and I have the same problem... My FireFox is the latest v34 on Windows 8.1.

phil.davis · Oct 31, 2014, 4:31 PM

I think you still need to clean out old certificates in Firefox - Options, Advanced, Certificates, View Certificates. Delete all the certificates listed under "CompanyName".
After a clean start like this, I have not been having this trouble any more.

dplat · Oct 31, 2014, 4:38 PM

Thanks it worked! Have a good week-end!

josemaX · Feb 27, 2017, 7:41 PM

Thanks, worked for me also, only to say (if helps some), these certs are the ones on the Certification Authorities Tab.

Gertjan · Feb 28, 2017, 10:53 AM

@josemaX:

Thanks, worked for me also, only to say (if helps some), these certs are the ones on the Certification Authorities Tab.

You were posting against a subject from 2014 - using an ancient pfSense version that doesn't exists anymore …