knights_of_pine Posted June 12, 2022 Share Posted June 12, 2022 6.9.2 I have been wanting to encrypt my array disks. I understand that portion but in the Spaceinvader One video it states you must have HTTPS set up. I go into settings>management access and click "provision" but i get an error: Sorry, an error occurred in processing your SSL certificate. The error is: Your router or DNS server has DNS rebinding protection enabled, preventing xxxxxxxxxxx.unraid.net 192.168.x.x resolution. See Help for more details and workarounds. I searched this error and it seems i need to change some setting in my router? I am using opnsense with unbound and adguardhome plugin. can someone provide some assistance? thank you!! Quote Link to comment
JorgeB Posted June 13, 2022 Share Posted June 13, 2022 12 hours ago, knights_of_pine said: it states you must have HTTPS set up You don't need HTTPS to enable disk encryption. Quote Link to comment
knights_of_pine Posted June 13, 2022 Author Share Posted June 13, 2022 what is the benefit of enabling https? i acces my unraid server locally and by wireguard vpn only. Quote Link to comment
JorgeB Posted June 13, 2022 Share Posted June 13, 2022 It's needed if you want for example to use the myservers plugin for remote access, not needed for local access in a secure lan. Quote Link to comment
ljm42 Posted June 13, 2022 Share Posted June 13, 2022 The thinking goes that if you are concerned about security enough to want to encrypt your disks, you should probably also encrypt the communication between your web browser and the server, since that is how you input the encryption password. Using a fully proper SSL certificate requires you to have a Fully Qualified Domain Name such as hash.unraid.net which Unraid provides. We manage the DNS for you, so that hash.unraid.net points to your server's IP address on the local LAN. However, some routers and DNS servers have a feature called "DNS Rebinding Protection" which prevents this from working. You'll need to do a Google search for "YourRouterName disable DNS rebind" to figure out how to get past that, the solution may be to replace your router. You could also try changing your DNS servers to 8.8.8.8, in case it is your DNS server that is blocking it. The other option would be to use a self-signed certificate rather than a full and proper certificate. Or you might decide you are fine without encrypted communication. It all depends on what level of security you are comfortable with. 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.