[SOLVED] First installation, hostname & certificate

dummies

#1

Hi,
I’m new to Nethserver, so I may ask too simple questions. But I could not find the answer so I open this topic.
I have installed Nethserver on a Intel NUC behind my ISP router. I can access the manager within my lan. I have a dynamic IP, so I have installed ddclient (thank you Stéphane) and use noip.
Everything is find except that I cannot access permanently to my server through the dyn DNS. Any browser I use tells me that the site is unsafe due to self-signed certificate, but I have no option to add a permanent exception. I believe it is due to my certificate.
I have the following data:
no-ip DNS: xxx.ddns.net
Domain: ddns.net
Host: xxx
CN: xxx.ddns.net

Is my certificate with the right configuration? How can I add permanently this certificate to my computer?
Thank you for your help.
Loïc


(Kristian Malvander) #2

Hi, Have you read the documentation in the base section how to add a custom Certificate ?


#3

Thank you. I will follow the instructions and let you know.
Loïc


#4

In fact, I don’t really understand what I shall do. Is the server certificate not enough? Why should I generate a custom certificate? When I re-generate the server certificate, I cannot accept permanently the certificate. I finally download the certificates from /etc/pki/tls/certs and installed them as permanent certificates, and it works.
Thanks for your comments.


(Filippo Carletti) #5

I don’t think your problem is the certificate.
Could you describe (or take a screenshot) what’s happening when you access the system?
Maybe you could send me privately the dyndns hostname so that I can see the problem.


#6

I have such screen (sorry it is in French), with no possibility to add permanent certificate:


(Filippo Carletti) #7

No need to permanently add the cert. You simply confirm the exception every time you connect. Until you buy a cert (or wait let’s encrypt). :smile:


#8

As you can see, there is no option to confirm access, just to quit!


(Gabriel GHEORGHIU) #9

Hello everybody,

I’m agree with Filippo.

I think the problem is from browser or from the browser in conjunction with the OS.
Even if I installed the certificates (Endian, NethServer, Zentyal), for administering or for webmail access, as Trusted, only with Mozilla I can add permanent exceptions.
I have issues with IE and Chrome.

When I used AXIGEN as email server, everything went well after I installed the certificate as Trusted on any computer that used webmail access. After a while, depending of the updates/upgrades of the OS & browsers, some users had this issues.

Kind regards,
Gabriel


(Filippo Carletti) #10

It’s a browser problem. Try another browser, please.
See mine:


#11

I had tried with Firefox, IE & Chrome with the same results. I manually added the certificate imported from the server and now IE works, but still now luck with Firefox.


#12

Seems to work now. Thanks all of you.


(Gabriel GHEORGHIU) #13

Hi Ioic,

You are welcome!

Can you mark the post as SOLVED?
Can you give us more details?
I think it will be useful for everybody on this Forum.

Thank you in advance,
Gabriel


#14

I went to the certificate manager of Firefox, and add an exception to the url of my site, then add a permanent exception.


(Kristian Malvander) #15

Sorry my fault, I thought you wanted to add an real certificate and not an permanent exception for the self signed certificate in your browser.