David Dyer-Bennet
Patron
- Joined
- Jul 13, 2013
- Messages
- 286
Looks like the combination of strong security settings on the GUI port, and FreeNAS using a self-signed certificate, has made it impossible to connect from Firefox to FreeNAS. I recently did a forced upgrade (I physically damaged the old USB key it booted from, and downloaded and made a new one, and then uploaded the old configuration backup when the new USB key booted).
FreeNAS version is
Firefox (on Windows 10) is version 55.0.3
Firefox says
So...reconfigure the security from the command line? I don't know how, but there could be a way. The long-term solution could be to tell Firefox to accept the self-signed certificate, but the ways I know to get a copy of the certificate are through the GUI, which I can't reach.
This smells wrong in one way -- it seems like anybody doing a new install from scratch would run into this if they asked for HTTPS enforced, and that seems an unlikely error to leak out. So maybe something else really triggered this?
FreeNAS version is
Code:
[ddb@fsfs ~]$ uname -a FreeBSD fsfs.bpoly.local 10.3-STABLE FreeBSD 10.3-STABLE #0 r295946+21897e6695f(HEAD): Tue Jul 25 00:03:12 UTC 2017 root@gauntlet:/freenas-9.10-releng/_BE/objs/freenas-9.10-releng/_BE/os/sys/FreeNAS.amd64 amd64
Firefox (on Windows 10) is version 55.0.3
Firefox says
Code:
Your connection is not secure The owner of fsfs.bpoly.local has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website. This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.
So...reconfigure the security from the command line? I don't know how, but there could be a way. The long-term solution could be to tell Firefox to accept the self-signed certificate, but the ways I know to get a copy of the certificate are through the GUI, which I can't reach.
This smells wrong in one way -- it seems like anybody doing a new install from scratch would run into this if they asked for HTTPS enforced, and that seems an unlikely error to leak out. So maybe something else really triggered this?
Last edited by a moderator: