Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Unraid 6.10.1 SSL

Featured Replies

I had my own custom Wildcard ssl certificate, 

 

After upgrading to 6.10.1 it now does not give me th eoption and has an unraid wildcard instead.

 

How do i get it to use mine again?

 

 

 

image.png

Edited by Joedy

Solved by ljm42

13 hours ago, Joedy said:

I had my own custom Wildcard ssl certificate, 

 

After upgrading to 6.10.1 it now does not give me th eoption and has an unraid wildcard instead.

 

How do i get it to use mine again?

 

It looks like you Provisioned a myunraid.net cert. That is fine, in 6.10 you can use your own custom cert as well.

 

The Settings -> Management Access page does not show details about personal certs but they do work fine.  You have to make sure to set the Server Name and Local TLD of the server to match the Subject of the certificate.  Wildcards are supported too.

 

Full instructions are in the manual:
  https://wiki.unraid.net/Manual/Security#Securing_webGui_connections_.28SSL.29
Start with the "a few details before we begin" section and then scroll down to "Custom Certificates"

 

If you have any questions, tell me the url that you want to use to access the server and I will tell you how to set the server name, Local TLD, and certificate.

  • Author
5 hours ago, ljm42 said:

 

It looks like you Provisioned a myunraid.net cert. That is fine, in 6.10 you can use your own custom cert as well.

 

The Settings -> Management Access page does not show details about personal certs but they do work fine.  You have to make sure to set the Server Name and Local TLD of the server to match the Subject of the certificate.  Wildcards are supported too.

 

Full instructions are in the manual:
  https://wiki.unraid.net/Manual/Security#Securing_webGui_connections_.28SSL.29
Start with the "a few details before we begin" section and then scroll down to "Custom Certificates"

 

If you have any questions, tell me the url that you want to use to access the server and I will tell you how to set the server name, Local TLD, and certificate.

Ok thanks will give it a try

 

so it is not TLD anymore it is the machines full domain name

  • Author
On 5/24/2022 at 2:08 AM, ljm42 said:

 

It looks like you Provisioned a myunraid.net cert. That is fine, in 6.10 you can use your own custom cert as well.

 

The Settings -> Management Access page does not show details about personal certs but they do work fine.  You have to make sure to set the Server Name and Local TLD of the server to match the Subject of the certificate.  Wildcards are supported too.

 

Full instructions are in the manual:
  https://wiki.unraid.net/Manual/Security#Securing_webGui_connections_.28SSL.29
Start with the "a few details before we begin" section and then scroll down to "Custom Certificates"

 

If you have any questions, tell me the url that you want to use to access the server and I will tell you how to set the server name, Local TLD, and cerserverstificate.

 

"Sorry about the double up of screen shots but when I paste into the forum it puts double in for some reason."

 

 

I tried to do it bother ways with the wildcard cert I have but it wont pick up the local Certificate and if I dont provision the unraid cert I cant use the My Servers

 

 

 

 

 

 

 

image.png

image.png

Edited by Joedy

You showed a screenshot of your browser where it showed you the certificate information. Click the Details tab and find the "Subject" field. What url is listed there in the "Subject" field? A screenshot of this would be great.

 

What url do you want to use to access the server?

  • Author
3 hours ago, ljm42 said:

You showed a screenshot of your browser where it showed you the certificate information. Click the Details tab and find the "Subject" field. What url is listed there in the "Subject" field? A screenshot of this would be great.

 

And what url do you want to use to access the server?

The url to access the server is 

 

https://backup.horts.com.au

 

the cert screenshots is just the unraid cert not my actual certificate.

 

 

image.png

Edited by Joedy
remove one attachment

  • Author
3 hours ago, ljm42 said:

You showed a screenshot of your browser where it showed you the certificate information. Click the Details tab and find the "Subject" field. What url is listed there in the "Subject" field? A screenshot of this would be great.

 

What url do you want to use to access the server?

this is the cert it should be using, was using before the upgrade Multi domain wildcard Certificate

 

 

 

image.png

Edited by trurl
delete duplicate screenshot

  • Solution

 

2 hours ago, Joedy said:

The url to access the server is 

https://backup.horts.com.au

 

To use this url:
  https://backup.horts.com.au

  • Your Server name (on Settings -> Identification) should be "backup"
  • Your Local TLD (on Settings -> Management Access) should be "horts.com.au"

When you change "Use SSL/TLS" to Yes, Unraid will automatically make a self-signed certificate with the "Subject" of "backup.horts.com.au" and place it on the flash drive here:
   config/ssl/certs/backup_unraid_bundle.pem
 

2 hours ago, Joedy said:

this is the cert it should be using, was using before the upgrade Multi domain wildcard Certificate

 

The screenshot you provided of your custom certificate uses the "Subject Alternative Name" field, which Unraid ignores. It sort of worked in 6.9.2, but only by accident. It will not work in Unraid 6.10.

 

If you want to provide your own certificate, you need to make sure the "Subject" of the certificate is either "backup.horts.com.au" or "*.horts.com.au". Then overwrite the certificate that Unraid created on your flash drive:

  config/ssl/certs/backup_unraid_bundle.pem

You can then change "Use SSL/TLS" back to No and then to Yes again to get it to see the cert. Or you can open a web terminal and run:

  /etc/rc.d/rc.nginx reload

 

Note that if the "Subject" of the cert is not correct, the certificate will be deleted and replaced with a self-signed cert that has the correct Subject.

  • Author
10 minutes ago, ljm42 said:

 

 

To use this url:
  https://backup.horts.com.au

  • Your Server name (on Settings -> Identification) should be "backup"
  • Your Local TLD (on Settings -> Management Access) should be "horts.com.au"

When you change "Use SSL/TLS" to Yes, Unraid will automatically make a self-signed certificate with the "Subject" of "backup.horts.com.au" and place it on the flash drive here:
   config/ssl/certs/backup_unraid_bundle.pem
 

 

The screenshot you provided of your custom certificate uses the "Subject Alternative Name" field, which Unraid ignores. It sort of worked in 6.9.2, but only by accident. It will not work in Unraid 6.10.

 

If you want to provide your own certificate, you need to make sure the "Subject" of the certificate is either "backup.horts.com.au" or "*.horts.com.au". Then overwrite the certificate that Unraid created on your flash drive:

  config/ssl/certs/backup_unraid_bundle.pem

You can then change "Use SSL/TLS" back to No and then to Yes again to get it to see the cert. Or you can open a web terminal and run:

  /etc/rc.d/rc.nginx reload

 

Note that if the "Subject" of the cert is not correct, the certificate will be deleted and replaced with a self-signed cert that has the correct Subject.

 

Well thats just not real good as it is a multi domain wildcard cert and that is not an option for it as the subject name is horts.com.au, we use this certificate through our enterprise setup.

 

bit disapointed this was changed and is now useless, the drives in the array do not show up if the certificate does not match and other areas have issues now because of this.

 

we will just roll back and use the older version as the new one provides no benifit to us, thanks heaps for your response.

 

 

Edited by Joedy
added subject name

  • Community Expert
3 hours ago, Joedy said:

Sorry about the double up of screen shots but when I paste into the forum it puts double in for some reason.

Doesn't seem to happen to anyone else. How are you doing this exactly?

  • Author
2 minutes ago, trurl said:

Doesn't seem to happen to anyone else. How are you doing this exactly?

ctrl V to paste from snagit, i even delete one of the screenshots but it puts it back after i save

 

Edited by Joedy

13 minutes ago, Joedy said:

Well thats just not real good as it is a multi domain wildcard cert and that is not an option for it, we use this certificate through our enterprise setup.

 

I am sorry that you are unable to use your existing wildcard certificate. It should not have worked under 6.9.2 either, if it did it was an accident.

 

One of the major focuses of Unraid 6.10 is security, as such we are being very strict about certificates and ensuring the server only responds to specific urls.

 

You might consider getting a certificate specifically for "backup.horts.com.au"

  • Author
5 hours ago, ljm42 said:

 

I am sorry that you are unable to use your existing wildcard certificate. It should not have worked under 6.9.2 either, if it did it was an accident.

 

One of the major focuses of Unraid 6.10 is security, as such we are being very strict about certificates and ensuring the server only responds to specific urls.

 

You might consider getting a certificate specifically for "backup.horts.com.au"

A multi domain wildcard cert is just as secure as any cert if not more secure and most Enterprises run of SAN certs these days so they dont have to have 20 different certificates. i would not count it as a mistake that it worked in 6.9.2 as it was one of the reasons we moved to unraid because we could secure it for an enterprise enviroment and our other systems use the certificate to secure the connects between them.

 

Is their maybe a work around with this or rolling back is my only option?

 

thanks heaps for your help.

Edited by Joedy

  • Community Expert
15 minutes ago, Joedy said:

puts it back after i save

I was able to delete one without any problem. Something about what you are doing must be pasting it twice. If you edit the post, you can see the attachments listed separately and delete them.

  • Author
2 minutes ago, trurl said:

I was able to delete one without any problem. Something about what you are doing must be pasting it twice. If you edit the post, you can see the attachments listed separately and delete them.

yes attachment worked but if i delete it directly off the post it puts it back

 

CTRL V is all i am doing to paste into a post, using windows 11

Happens to me too, I simply delete one from the attachement window each time.

5 hours ago, trurl said:

Doesn't seem to happen to anyone else.

 

Oh, this is happening to me all the time as well. Just put a picture into the clipboard and paste it into the text. The picture appears twice, always. I need to remove one picture then, always. There's a report in the forum section.

 

On 5/23/2022 at 6:13 PM, Joedy said:

Is their maybe a work around with this or rolling back is my only option?

 

Hi @Joedy, I dug into it a bit and realized that because of the improvements to SSL handling in Unraid 6.10 we can actually support the Subject Alternative Names in certificates now, and handle them properly.

 

If you are ok testing a pre-release version of Unraid, 6.10.2-rc2 is available by going to Tools -> Update OS and choosing the "next" branch. It would be great if you could test and confirm that your wildcard cert works now. You would also need these settings:

- Your Server name (on Settings -> Identification) should be "backup"

- Your Local TLD (on Settings -> Management Access) should be "horts.com.au"

This will make the url to the server:  https://backup.horts.com.au

 

If you aren't comfortable doing that, would you please send me a DM with your certificate file? Then I'll confirm it is being parsed correctly.

 

Note: BEFORE sending the .pem file, open it in a text editor and remove everything between these lines:
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----

That private key needs to stay on your servers, do not send it to anybody :) 

  • Author

Thanks trying this now, will keep you posted

  • Author
1 hour ago, ljm42 said:

 

Hi @Joedy, I dug into it a bit and realized that because of the improvements to SSL handling in Unraid 6.10 we can actually support the Subject Alternative Names in certificates now, and handle them properly.

 

If you are ok testing a pre-release version of Unraid, 6.10.2-rc2 is available by going to Tools -> Update OS and choosing the "next" branch. It would be great if you could test and confirm that your wildcard cert works now. You would also need these settings:

- Your Server name (on Settings -> Identification) should be "backup"

- Your Local TLD (on Settings -> Management Access) should be "horts.com.au"

This will make the url to the server:  https://backup.horts.com.au

 

If you aren't comfortable doing that, would you please send me a DM with your certificate file? Then I'll confirm it is being parsed correctly.

 

Note: BEFORE sending the .pem file, open it in a text editor and remove everything between these lines:
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----

That private key needs to stay on your servers, do not send it to anybody :) 

Did all this but the https gives a 404 error now, cant login to the server through the gui as it just keeps going back to the login screen under http. can login to the CLI without issue. have a dig around to see whats happening.

Please connect via SSH and type "use_ssl no", then you will be able to access the server via http. It will tell you the specific url. If you get an error when logging in, please clear your browser cache.

 

Then grab the diagnostics.zip file (from Tools -> Diagnostics) and upload it here

  • Author
21 minutes ago, ljm42 said:

Please connect via SSH and type "use_ssl no", then you will be able to access the server via http. It will tell you the specific url. If you get an error when logging in, please clear your browser cache.

 

Then grab the diagnostics.zip file (from Tools -> Diagnostics) and upload it here

i can unc into the server so just changed the ident.cfg file, it is having issues letting go of the unraid cert so just trying to settle it and then i can try again

  • Author

pm you my Cert so you can see the issues, does not want to use it rather than the unraid cert

  • Author

This was sorted by upgrading to 6.10 Rc2 few steps involved but does recognise our Multi domain wildcard Cert (SAN)

 

Thanks to Ijm42 for the help.

Woohoo! Glad this is confirmed to work.

 

FYI to anyone else trying this - Fix Common Problems doesn't know that we support this type of cert yet so it will complain that the cert has an invalid url. Please ignore that, I need to update FCP :) 

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.