-
Fix common problems warning about invalid certificate
Right on. Thanks for explaining everything.
-
Fix common problems warning about invalid certificate
Thanks for all your help! Truly appreciated. Shortly after my last post, under the help for "Use SSL/TLS", I noticed what lines up with your explanation... how it's checking for certs in order, starting with certificate_bundle.pem & only if that file doesn't exist, does it create the "<server-name>_unraid_bundle.pem" cert. Before deleting the SERVER_unraid_bundle.pem file, I made a backup. Should I drop it back into place, or is that a moot point... or worse, would it cause problems? Glad to hear it's a "non-issue", and I have no problem accessing the WebUI in this way. Also excited for 6.10! thanks for the tools and all your help!
-
Fix common problems warning about invalid certificate
Getting Closer! After following the steps above, I no longer get the warning when running "fix common problems" scan. That's good! However, a new SERVER_unraid_bundle.pem file was not regenerated after turn "Use SSL/TLS" back to "auto". I even restarted the server, as I figured that would initiate the process (per the "renewcert" help under the "Use SSL/TLS" section), but there is only a "certificate_bundle.pem" file left in "/boot/config/ssl/certs/". Is there something else needed to regenerate the self-signed cert? or just patience? Without the cert, when I browse to "https://SERVER.DOMAINNAME.local:HTTPS_PORT", I'm getting a certificate warning again. If i look at the certificate warning, it's telling me the cert is issued to "xxxxxxx.unraid.net". Interestingly, the properties of the certificate, in the Windows title bar, it lists the certificate as "SERVER.DOMAINNAME.local".... the warning I'm getting now reads: URL: SERVER.DOMAINNAME.local Reason: Invalid name of certificate. Either the name is not on the allowed list, or was explicitly excluded. View certificate I'm guessing the problem is that the "SERVER_unraid_bundle.pem" file wasn't regenerated. thanks again!
-
Fix common problems warning about invalid certificate
I also just realized if I enter the URL "https://SERVER.DOMAINNAME.local:HTTPS_PORT" into my browser, I land on the login page with no certificate issues. I'm not using 80 for HTTP or 443 for HTTPS. When I connect this route, the address listed in my address bar remains "https://SERVER.DOMAINNAME.local:HTTPS_PORT/Main" after login. If I view the certificate using this method, it lists a DNS Name entry for "SERVER.DOMAINNAME.local", in addition to the xxx.unraid.net entries. If I enter the URL "http://SERVER.DOMAINNAME.local:HTTP_PORT" into my browser, I redirect to the "https://xxxxxxxx.unraid.net:HTTPS_PORT/login" page (this feels correct). Again, no certificate issues this way. After login, the address bar remains in the "https://xxxxxxxx.unraid.net:HTTPS_PORT/Main" format. If I view the certificate using this method, it does not lists a DNS Name entry for "SERVER.DOMAINNAME.local", only the xxx.unraid.net entries. hopefully this adds useful info. thanks
-
Fix common problems warning about invalid certificate
the SERVER_unraid_bundle.pem was autogenerated (I'm assuming - when I used the "provision" tool when enabling SSL??) SERVER.DOMAINNAME.local should be the correct url. In testing however, both "https://SERVER.DOMAINNAME.local" and "https://SERVER.local" are producing certificate errors, as they are trying to utilize my LetsEncrypt wildcard cert which is pulled via SWAG for a different domain I own (let's call it "OTHERDOMAIN.com"). What does work for me however is using the URL "https://xxxxxxxx.unraid.net:HTTPS_PORT". This is what I've been using, and assumed that things were "working as expected", which now seems less accurate. I can also use http://SERVER.DOMAINNAME.local:HTTP_PORT and it will redirect to the "https://xxxxxxxx.unraid.net:HTTPS_PORT" page with no certificate warning. If i use "https://SERVER.DOMAINNAME.local" and ignore the certificate warning, it does take me to the unraid login and lists the connection as secure. When i check the certificate, under the "Subject Alt Names", it's listing the correct internal IP address, the "SERVER.DOMAINNAME.local" DNS name, and the "xxxxxxxx.unraid.net" & "www.xxxxxxxx.unraid.net" DNS Names. In all my poking around, I have not seen "SERVER.local" listed anywhere on any of the certificates. Should I wipe out the .pem files in "\config\ssl\certs\" and let unraid re-provision a new cert for SSL? How do I guarantee i get the System Name and Local TLD matching correctly? thanks again!
-
Fix common problems warning about invalid certificate
I'm seeing similar warning, but with a slightly different setup. My domain is setup as "DOMAINNAME.local" within my router. I currently have set: Settings > ManagementAccess > Local TLD: DOMAINNAME.local Settings > ManagementAccess > Use SSL/TLS: Auto For the Server's name, I have: Settings > Identification > Server name: SERVER During the last Fix Common Problems run, i got the warning that lists: Your SERVER_unraid_bundle.pem certificate is for 'SERVER.local' but your system's hostname is 'SERVER.DOMAINNAME.local'. Either adjust the system name and local TLD to match the certificate, or get a certificate that matches your settings. Even if things generally work now, this mismatch could cause issues in future versions of Unraid. The local TLD can be adjusted here As the message indicates, things are currently working, but I'd like to avoid any future issues. Trying to understand how this works and how to resolve. Should "Server name" and "Local TLD" be adjusted in unraid. Should i not be using "DOMAINNAME.local" on my router? Thanks in advance!
xta101
Members
-
Joined
-
Last visited