Hi there. I have a NAS with TrueNAS Core as its OS connected to the same computer network (router) as my Windows PC. I cannot turn off my NAS in a secure way. When I try to sign into the TrueNAS web page at https://truenas/ui/sessions/signin from my Windows PC in order to shut down my NAS from the Web GUI my browser displays a warning that the site’s SSL certificate is invalid and cannot be trusted. I have been unable reach iXsystems support. Please bear in mind that I do not know anything about Linux or any other OS (including TrueNAS) except Microsoft Windows. I need a safe and simple way to turn off my NAS from my Windows PC. Your assistance will be appreciated.
-
Important Announcement for the TrueNAS Community.
The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
Unsafe SSL certificate on sign-in page
- Thread starter groucho
- Start date
danb35
Hall of Famer
- Joined
- Aug 16, 2011
- Messages
- 15,504
Well, there's no reason you should need to be accessing that page via https; http should also work. But aside from that, this is entirely expected behavior--TrueNAS generates its own self-signed certificate when you install it, and your browser doesn't trust that certificate. Ignore that warning (exactly how to do that depends on which browser you use; with Firefox you'd clicked the Advanced button) and you'll be able to browse to the UI, log in, and shut down the server.
Thanks! I did not know that you had answered my question last Friday until just now. The TrueNAS Community administrator never notified me of your reply. I do not see any Advanced button in my Firefox browser. Would you please be so kind as to send me detailed step-by-step instructions for making my Firefox browser ignore the SSL certificate warning?
danb35
Hall of Famer
- Joined
- Aug 16, 2011
- Messages
- 15,504
It might depend which version of Firefox you use. With mine (Firefox 117 on Mac), there is indeed an Advanced button:
So you'd click that, then click Accept the risk and continue:
...and then you'll go to the login page:
If you don't have the Advanced button, you may want to Google how to circumvent certificate warnings in your version of Firefox.
So you'd click that, then click Accept the risk and continue:
...and then you'll go to the login page:
If you don't have the Advanced button, you may want to Google how to circumvent certificate warnings in your version of Firefox.
Thanks again! Is there any way to avoid getting that warning in the first place? I wish your administrators could notify me whenever a reply is posted to my question. If you know of a way to get notified please send a brief e-mail to groucho43@outlook.com
danb35
Hall of Famer
- Joined
- Aug 16, 2011
- Messages
- 15,504
Once you've bypassed the warning, I don't believe Firefox will show it again. Or, of course, you could browse to the web interface using HTTP rather than HTTPS, in which case there wouldn't be any such warnings.
The administrators are surely not going to manually notify people when replies are posted to their threads. But the forum software ordinarily would do that by default. Toward the top of this thread, I have buttons that look like this:
If the second one for you says "Watch," click on that and you should get email notifications. If it says "Unwatch" as mine does, the system thinks it's already sending them for you. Perhaps they're going to your spam folder.
Thanks! The button at the top right of this page says Unwatch, which means that I should be receiving those notifications, yet I am not receiving them. The sign-in page at https://truenas/ui/sessions/signin displays the security warning whether I use HTTPS or HTTP. If I click Advanced and go to that page anyway, my browser still warns me the next time I try to access that page..
danb35
Hall of Famer
- Joined
- Aug 16, 2011
- Messages
- 15,504
Is it the same warning? And if so, do you have an extension like HTTPS Everywhere installed in your browser that will (as the name suggests) try to force HTTPS everywhere? Otherwise, if it's a different warning, many browsers will warn you about entering login credentials on a HTTP-only page.
Really, there are two basic ways to avoid this problem: (1) get a cert that your browser trusts for your NAS, or (2) instruct your browser not to care. Neither is really in the scope of this forum.
Many thanks but, why, may I ask with all due respect, is getting a certificate for my NAS that my browser trusts outside the scope of this forum? There have been discussions of just this issue on this forum (see here and here). I need step-by-step instructions for creating this certificate and for installing it on my browser. The instructions on this web page do not say which interface to start from. And, I hate to have to repeat myself, but I am still not getting notified about your replies, a week after first posting my question, even though I am registered to Watch this thread. I know you are not the administrator of this forum but have no idea who is and how to contact him (or her). Kind regards.
danb35
Hall of Famer
- Joined
- Aug 16, 2011
- Messages
- 15,504
There's one such way that would be within the scope of this forum, and it's documented in the docs--I can't point you to where in the docs because you've posted in a subforum for software you aren't using (this subforum, as it says, is for legacy versions of FreeNAS, not for TrueNAS), and haven't shared which software you are using. But it's there. It would also require you to own a domain, and have your DNS hosted by one of a handful of providers.
Other than that, creating a cert that you sign yourself is covered in the docs; you've already found where. Making your browser trust that cert is up to your browser, and it's outside the scope of this forum because it has nothing to do with TrueNAS.
