CP HTTPS without red page



  • Hi,

    Is it possible configure CP with HTTPS but not to get RED PAGE (HTTPS CERT etc.) ?

    Thanks



  • Hi,

    What is a red page ?

    I guess you mean that you use a self-signed certificate when you activated the "https" on your portal.
    That isn't a great idea, knowing that real certificates exists, and you can get them for free.



  • Nothing at all is wrong with self signed certs - But the people who sell them and make web browsers would like you to think there is.

    There is no money in a self signed cert…



  • Hi and thanks for replies,

    To be more clear I will explain my question detailed:

    I did some interface changes in CP Login page, so when user tries open any URL pfSense directs it to CP login page (http://IP_ADDRESS:8000/bla-bla)
    Then user prompt its username/password etc.

    But when I do enable HTTPS login option for CP it directs to HTTPS login page (http://IP_ADDRESS:8001/bla-bla) and client gets certification notification (see attachment as example)
    But ignoring/accepting it user then again can prompt username/password and go on surfing web

    So I am asking is it possible enable HTTPS login and do not get notification page ?

    Thanks




  • You would have to replace your self signed cert in CP with a signed cert which can be cheap or perhaps free - I'd put my money on $9 - $19 or so with digicert or someone like that.

    If you get a signed cert to avoid those warning pages, you will want one that appears in the trusted roots for all the various OSes / Browsers.



  • Sorry but I didn't get it

    you will want one that appears in the trusted roots for all the various OSes / Browsers.



  • Not every signed cert is universally recognized by all browsers, so try to pick one that is.
    It depends if the root cert authority is in the list for the browser being used.

    A reliable company will be widely recognized - Others may not be.



  • OK then I will get cert from digicert and test it
    Thanks


  • LAYER 8 Netgate

    Don't waste your money if you're thinking it'll stop all cert errors.

    https://forum.pfsense.org/index.php?topic=85423.msg470634#msg470634



  • Yes - I see your point.
    For them to go no cert error connecting to your network, your network address would have to be the url they entered in the address bar.
    Go figure the odds.


Log in to reply