Project

General

Profile

Actions

Bug #8150

closed

upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig

Added by Oliver Schonrock almost 7 years ago. Updated almost 7 years ago.

Status:
Not a Bug
Priority:
Low
Assignee:
-
Category:
-
Target version:
-
Start date:
12/01/2017
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

We recently upgraded several pfsense installs from 2.3.x to 2.4.y.

All these installs had properly signed SSL cert installed for the webconfigurator.

The upgrade generated a new self signed cert (not 100% sure this is accurate, maybe it was still there from earlier install), and then selected that self signed cert rather than the proper one.

because the domain uses HSTS and browsers won't allow you to make "security exceptions" for badly signed ssl certs in case of HSTS, we almost got a bit stuck. We solved it by ssh tunneling behind the upgraded install and accessing the webconfigurator from the "LAN" side.

Actions

Also available in: Atom PDF