housewrecker Posted July 5, 2022 Share Posted July 5, 2022 (edited) The certificate I have for the Unraid webpage and in Chrome it says the Cert isn't trusted. I'm on Windows. Is the cert bad or unsafe or is this something I need to add to Chrome/Windows to trust? Edited July 5, 2022 by housewrecker Quote Link to comment
ljm42 Posted July 6, 2022 Share Posted July 6, 2022 If you are using a self-signed certificate then those are not trusted by default, and it is normal to have to tell Chrome that you trust it. If you aren't sure how to do that, post a screenshot of what you are seeing. Or you could switch to a full and proper certificate on the myunraid.net domain. These instructions are for 6.10.3, but will be pretty close for older versions as well: https://wiki.unraid.net/Manual/Security#Securing_webGui_connections_.28SSL.29 Quote Link to comment
housewrecker Posted July 6, 2022 Author Share Posted July 6, 2022 It says LetsEncrypt and R3 which I thought should be recognized by Chrome. Is this self signed? Quote Link to comment
ljm42 Posted July 6, 2022 Share Posted July 6, 2022 It is much easier to answer questions if I know what version of Unraid you are on Actually, please upload your diagnostics.zip file (from Tools -> Diagnostics) to your next post in this thread. Also, what URL are you using to access the server when you get the message from Chrome? Quote Link to comment
housewrecker Posted July 6, 2022 Author Share Posted July 6, 2022 Here you go. https://192.168.1.8/Dashboard blue-diagnostics-20220706-1714.zip Quote Link to comment
ljm42 Posted July 6, 2022 Share Posted July 6, 2022 SSL certificates are valid for specific URLs. Full and proper certificate like the one from Lets Encrypt require a Fully Qualified Domain Name that is unique in the whole world, these types of certificate are not valid for https://ipaddress URLs. To find the proper url for your server go to: http://ipaddress <- note http not https and that will redirect to something like: https://yourpersonalhash.unraid.net That is the URL you want to use if you don't want Chrome to give SSL warnings. Quote Link to comment
housewrecker Posted July 6, 2022 Author Share Posted July 6, 2022 When I do that, chrome says the site can't be reached. [removed image] Quote Link to comment
Solution ljm42 Posted July 7, 2022 Solution Share Posted July 7, 2022 Unfortunately, DNS Rebinding Protection seems to be enabled on your network. Until you resolve that you won't be able to use this certificate with the proper url. You can verify this by opening a command prompt on your computer and typing: nslookup yourpersonalhash.unraid.net (use your personal url there, it was shown the in the error message you pasted) If DNS Rebinding Protection is disabled, you will get a response similar to this: Address: 192.168.1.1 Non-authoritative answer: Name: yourpersonalhash.unraid.net Address: 192.168.1.8 But if it does NOT resolve to 192.168.1.8 then you know DNS Rebinding Protection is enabled. This protection might be enabled by your DNS server, you could try configuring your router to give DHCP clients the 8.8.8.8 DNS server. Or it might be a feature of your router, in which case try Googling "disable DNS rebinding [router name]". There isn't really a whole lot more I can suggest, it depends on the specifics of your network. 1 Quote Link to comment
housewrecker Posted July 7, 2022 Author Share Posted July 7, 2022 I made those changes and that worked. Thanks for the help! 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.