installing ISP crt file

S

sirsnir

Cadet
Joined
Nov 10, 2022
Messages
5
hi.
i have a running truenas 13 system.
locally on my lan,everything is perfect.
in order to download plugins,my isp requires a crt installation on every device(it's a special ISP that gives internet filteration services),and i can't figure how to install the crt file on the system.without it i can't access any https website...can someone help with that?
 
joeschmuck

joeschmuck

Old Man
Moderator
Joined
May 28, 2011
Messages
10,996
You should be more specific in exactly what you are doing and what you need https access for on a TrieNAS system. Are you running a file sharing service, download service, trying to update TrueNAS, cloud backup, etc... The cert may need to be installed in the jail/vm application. I'm not the expert on this topic but in order for someone to provide you good feedback, you need to provide more details, including what version of TrueNAS 13 you are running. You might even need to provide more details on your ISP.
 
S

sirsnir

Cadet
Joined
Nov 10, 2022
Messages
5
let's be more focused...when trying to create new jail i get:
HTTPSConnectionPool(host='www.freebsd.org', port=443): Max retries exceeded with url: /security/unsupported.html (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer
this kind of error usually happens with my isp when the crt is not installed
updates do work,if i remember i did install something somehow don't remember how,it was long time ago...
but,if i can't create new jails,i can't install plugins that requires jails...
 
joeschmuck

joeschmuck

Old Man
Moderator
Joined
May 28, 2011
Messages
10,996
danb35

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
From your description, it sounds like your ISP inspects all the traffic in and out of your network, which includes decrypting and re-encrypting all encrypted traffic. In order to do that, it creates its own certificates for sites you visit, signing them with its own (fake) security certificate. This is a horribly insecure arrangement, and you shouldn't tolerate it.

You're asking how to get TrueNAS to trust a cert it shouldn't trust. I'm not aware of any way to make it do that.
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "installing ISP crt file"

Similar threads

G
download speed issue
Replies
1
Views
2K
jgreco
jgreco
A
QBittorrent and GDrive slow down download speed
Replies
4
Views
3K
WN1X
WN1X
I
Can't Resolve hostnames, but can ping/nslookup
Replies
2
Views
3K
IronPhreak
I
J
  • Locked
Purchased SSL Cert with OwnCloud
Replies
12
Views
4K
Joshua Parker Ruehlig
Joshua Parker Ruehlig
I
  • Locked
Strange issues with Nextcloud HELP !!!!
Replies
3
Views
1K
Ericloewe
Ericloewe
Top