Connection not private (first time cockpit access)

[NooB Alert]

I have a newly installed Nethserver and when I want to access cockpit for the first time I get a browser full stop with “connection not private”. No way to bypass it just like that.

What to do please?


[/NooB Alert]

Hi @LayLow, Which browser and OS?

On windows I am not able to use Chrome based browsers (Chrome / M$ Edge) without a valid certificate. Even though I can add an exception after login I get a blank screen, hence using Firefox.

Hi Mark, yep. Google Chrome, MacOS

IIRC @m.traeumner and @france are MacOS users, maybe they can give you some tips.

I have to try at home later, but have a look at the following link please:

Ok, as a quick workaround for Mac users, simply use safari up o the point where you have installed your correct certificates. Then you can use Chrome. Safari seems a bit more relaxed on this.


Firefox is the way! :smiley:

Yeah, saw that one coming :slight_smile:

I hope you can’t blame a tech for trying…

Not at all! It was just a matter of ‘not when but from where’ :slight_smile:

Browser wars, the good old days when Netscape and Mosaic where still dominant


Browser wars from the last millenium…

I’m also a Mac user (mainly) - Firefox, then Safari, one of both always works…

I like FF, as it looks and feels more or less the same on Mac, Linux and Windows…
Same goes for TB…

I do use all three platforms (Also as Desktop), but also OpenBSD…

My 2 cents

1 Like

Time for a “Memory Lane” party!!


I still have my last Win311 (WfW), Dos 6.22 and Norton Desktop (Office & more), but also Netscape and Internet Explorer (Yes, 16 Bit on Win311!) running as a VM on ESXi… Can’t get all features running on Proxmox (yet)…


CP/M back in the day

Used CP/M too - but only for a short while…

CP/M? Yeah, used that, a little bit. Remember Netscape (and even NCSA Mosaic, its predecessor), not to mention gopher and lynx.

But more to the point of this topic, if Chrome absolutely refuses to let you bypass a certificate error, that’s simply poor behavior–unless you’re connecting by hostname, and a previous incarnation of that hostname used HSTS (in which case it’s doing exactly what it’s supposed to do). Using another browser is certainly an option, but another would be to generate the cert at the CLI. If memory serves, you could do that with config setprop pki LetsEncryptDomains foo.yourdomain,bar.yourdomain,baz.yourdomain followed by /usr/libexec/nethserver/letsencrypt-certs.

1 Like

That put me on the right track Dan. I used the hostname and now I use the IP. Chrome still gives me a warning, but at least Chrome now provides me a way to procedd with a nice button. BINGO!

Thanks @danb35

1 Like

I use Safari, even if it’s not the best for many operations and caches. Qundo I find myself in difficulty using firefox, where some operations are not performed by safari. I used other browsers but I don’t use chrome, too invasive.

1 Like

Ok, when installing NS7 and trying to access Cockpit (or any httpS) page on the server with Google Chrome results in the displaying of the infamous message “Connection is not private” access denied and NET::ER_CERT_COMMON_NAME_INVALID. And there you are, not able to access Cockpit to set correct certificates and such.

Try this:

  • Access the ‘connection not private’ page
  • Use the mouse and click somewhere on a blank part on the page
  • Type: thisisunsafe (simply type it on your keyboard)
  • Refresh the page

And you should be presented with the proceed button at the bottom, despite the warning.

(This trick will add the page to a safelist)

HTH Did it work for you?