WebGui broken after changing to https

  • I just installed pfSense embedded fresh from scratch. After configuring everything, I changed WebGui access from http to https. After that I had no chance of accessing pfSense. I did the same procedure twice (again from scratch, including flashing the CF card). Again, after changing from http to https, no access to the WebGui. I could access it via SSH.

    Just to say, I have my own server certificate and RSA key, which I set during the installation. They work(ed) with m0n0wall and pfSense 1.2RC2.

  • Nothing has changed between rc2 that is remotely close to having anything to do with this particular thing.  Does a reboot fix it?

  • No, a reboot didn't fix it.

    I'm not sure when this problem first occurred, possibly on RC2. I switched then to m0n0wall. Yesterday I was thinking of trying pfSense again, with this result.

    What I didn't try was switching to https without my own certificate, or entering the certificate after switching to https.

  • https in general is working. I haven't used it with my own certificate yet, though, but nearly all my installs run on https just fine. The only issue it has is that when using a slow machine like a WRAP it will try to redirect too soon, so you get a timeout, but if you give it some more time you can manually access it via the https port. This only happens on really slow hardware though.

  • I have the ALIX board, so speed shouldn't be the problem. Now, I'm running m0n0wall with the same certificates.

    At the moment I can't make a new test as everything (including phones) goes over this internet connection.

  • Now I can say for sure, the WebGui becomes inaccessible after installing the certificates. It doesn't matter if before or after setting the WebGui to https…

  • From a shell, run this:

    /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf

    Report back the errors.

  • Make sure you create a rule in your firewall that allows port 443. It is working perfectly for me on all 5 servers.

  • @hadi57: Do you use your own certificates? Problem started then for me…

    I haven't had time yet to check sullrich's test.

  • Tomorrow I'll get another ALIX board. Then I can make the test with a non-productive firewall. I'll report back then.

  • Were you using captive portal on the machine? If so, your captive portal lock file may not have been deleted. This happened to me and I recorded the resolution at: http://forum.pfsense.org/index.php/topic,8152.0.html.

  • I have now done your test; it seems that it was my fault - something wrong with my secure key:

    /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf
    firewall:~#  /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf
    2008-03-28 16:25:26: (network.c.377) SSL: Private key does not match the certificate public key, reason: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned /var/etc/cert.pem

    I generated a new key and certificate set; now https works with my certificate.
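
The lighttpd error in the last post means the private key and the certificate are not a pair. As an added example (not part of the thread and not pfSense's own code), this shell function compares the public key stored in a certificate with the one derived from a private key, so a mismatch is caught before the pair is installed. The script name, file names and exit codes are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread: check that a private key belongs to a
# certificate before installing the pair for the web GUI.
# Exit codes (this example's own convention): 0 match, 1 mismatch, 2 unreadable.

key_matches_cert() {
    cert_file=$1
    key_file=$2

    # Public key as stored inside the certificate (SubjectPublicKeyInfo, PEM).
    cert_pub=$(openssl x509 -in "$cert_file" -noout -pubkey 2>/dev/null) || return 2

    # Public key derived from the private key. "-passin pass:" makes an
    # encrypted key fail here instead of prompting for a passphrase.
    key_pub=$(openssl pkey -in "$key_file" -passin pass: -pubout 2>/dev/null) || return 2

    # Identical PEM text means the key and the certificate are a pair.
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Command-line use: sh check-pair.sh server.crt server.key
# (script and file names are placeholders)
if [ "$#" -eq 2 ]; then
    rc=0
    key_matches_cert "$1" "$2" || rc=$?
    case $rc in
        0) echo "OK: key matches certificate" ;;
        1) echo "MISMATCH: key does not belong to this certificate" >&2 ;;
        *) echo "ERROR: could not read certificate or key" >&2 ;;
    esac
    exit "$rc"
fi
```
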
