karash Posted April 13 Share Posted April 13 (edited) Today I went through the process of finally clearing my technical debt and upgrading my server from 6.8.3 to 6.12.10. This has brought with it a little bit of quick learning, specifically in regards to Certificates. 6.8.3 used self-signed certificates and it seems that somewhere along the way there was a switch to being able to use Unraid Let's Encrypt certificates? I have provisioned an Unraid LE certificate and Unraid Connect is working as is the "*.myunraid.net" URL. However when looking at the Management Access settings I see the following: It looks like the "*.myunraid.net" is using certificate_bundle.pem while the local URLs are all using the SERVER_unraid_bundle.pem certificate, this is causing me to get an SSL warning when I navigate to my Unraid GUI. Reading the docs here: https://docs.unraid.net/unraid-os/manual/security/secure-webgui-ssl/ I see there are two listed options: HTTPS with Myunraid.net certificate and fallback URL if DNS is unavailable HTTPS with custom certificate - with option to have Unraid Connect Remote Access #2: HTTPS with custom certificate - with option to have Unraid Connect Remote Access seems to be what Unraid is using for me now: Quote You are responsible for managing the certificate. Upload it to /boot/config/ssl/certs/[servername]_unraid_bundle.pem This is where my current SERVER_unraid_bundle.pem is located. Whereas #1 appears to use certificate_bundle.pem for both the "*.myunraid.net" URL as well as the local URLs/IP. But there are no instructions on setting that up. Is there a way for me to switch from using the [servername]_unraid_bundle.pem to the Unraid LE (certificate_bundle.pem) certificate? I think it may be as simple as deleting my self-signed certificate but I don't want to end up losing access to my GUI entirely. I also am not sure if this will end up messing anything up for the likes of docker containers or other functions. Edited April 20 by karash Quote Link to comment
Solution ljm42 Posted April 15 Solution Share Posted April 15 On 4/12/2024 at 7:27 PM, karash said: It looks like the "*.myunraid.net" is using certificate_bundle.pem while the local URLs are all using the SERVER_unraid_bundle.pem certificate, this is causing me to get an SSL warning when I navigate to my Unraid GUI. This is correct. The certificate_bundle.pem cert is ONLY valid for *.myunraid.net urls. There is zero benefit to using it with other urls. If you access the server by IP address or by name then it will use a self-signed cert. On 4/12/2024 at 7:27 PM, karash said: But there are no instructions on setting that up. It is fully setup. To use it, click the url starting with https://192-168... that you blanked out of the screenshot. For more information, see https://docs.unraid.net/unraid-os/manual/security/secure-webgui-ssl/ Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.