Moussa Posted August 24, 2022 Share Posted August 24, 2022 Hi there, Recently my browser has started showing an invalid certificate warning when I navigate to <myserverhash>.unraid.net. Clicking on the cert details in the browser shows the cert is signed by <servername>.local despite Unraid showing a cert from LE in my Management Access settings. I've tried the steps described in with no luck, even rebooting my server. Strangely the Management Access page says `DNS Rebinding Protection is ENABLED` but I'd disabled that years ago on my router and nothing has been changed on the router in months. Doing a nslookup from my network resolves the <myserverhash>.unraid.net URL without issue so I don't think there is a DNS rebinding issue, but I'm at a loss as to why I can no longer access my server securely without a warning. Additionally if I leave SSL/TLS access on and ignore the cert warnings I can not see my array (just blank rows), cannot open a web terminal (the opened window either 504s or briefly opens and then closes), or even download diagnostics (it seems to hang immeadiately) so the server is in a pretty broken state. Thanks in advance for any help! blackbox-diagnostics-20220824-1255.zip Quote Link to comment
ljm42 Posted August 24, 2022 Share Posted August 24, 2022 It looks like you provisioned a new certificate after upgrading to 6.10. This changed the url from the old "unraid.net" domain to the new "myunraid.net" domain. DNS Rebinding is still enabled for myunraid.net, so the change you made to your router to disable DNS Rebinding for the old domain will need to repeated for the new domain. Quote Link to comment
Moussa Posted August 24, 2022 Author Share Posted August 24, 2022 @ljm42 Thanks, I missed that a new domain was being used. I've added that to my router exceptions for DNS rebinding and the message about DNS rebinding has now disappeared from the Management Access page, but I'm still seeing the same issue after restarting the server again. It still looks like it's still serving the blackbox.local cert for some reason rather than the LE cert. Quote Link to comment
Solution ljm42 Posted August 25, 2022 Solution Share Posted August 25, 2022 The LE cert is only used when serving the url specified in the LE cert, i.e. https://ipaddress.hash.myunraid.net. If you are using some other url which the LE cert is not valid for, it uses the self-signed cert. If that doesn't clear things up, please provide the latest diagnostics and let me know what url you are trying to use. 1 Quote Link to comment
Moussa Posted August 25, 2022 Author Share Posted August 25, 2022 Ah thanks, that makes sense. I've figured out the new myunraid.net URL now. I think the link on https://forums.unraid.net/my-servers/ was throwing me off because I'm fairly sure it used to point to hash.unraid.net but now is pointing to blackbox.local for some reason. I'm not sure what's going on there but everything else is working now, thank you for the help. Quote Link to comment
ljm42 Posted August 25, 2022 Share Posted August 25, 2022 The url shown on the My Servers dashboard can be adjusted by changing your Use SSL/TLS setting. This section on redirects should help: https://wiki.unraid.net/Manual/Security#Redirects I prefer the Strict setting, although it does make it harder to access your server when your Internet goes down. If that happens, see the url above for the workaround. 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.