The pfSense Store

Author Topic: Resetting LAN IP didn't restore access to webGUI after bad certificate entered  (Read 2646 times)

0 Members and 1 Guest are viewing this topic.

Offline johnmen

  • Newbie
  • *
  • Posts: 2
    • View Profile
Hi there,

I know there is a sticky post at the top of this forum that instructs you to reset the LAN IP in order to reset the webGUI back to HTTP so that you can recover the access to the webGUI after entering a bad SSL certificate.

My problem is that the trick doesn't work for me.  I have tried following the instructions exactly for 5, 6 times but no luck getting back to webGUI at all.  I tried different LAN IP addresses just in case the value of IP matters, tried enabling or disabling the DHCP, tried rebooting the pfSense box after the process, but at the end, accessing http://x.x.x.x from any web browser (from more than one internal hosts) yielded nothing.  the pfSense box seems to be not listening on port 80 at all despite that I got the message that tells me 'now you can access the webGUI at http://x.x.x.x' everytime I completed the IP reset process.

The certificate file I entered is correct, I believe I entered the wrong key file that caused the problem to me.  I think the key file should be one that has been decrypted, the one I entered is encrypted.  I guess pfSense has no idea how to decrypt the key hence unable to utilise the certificate.

Can anyone help me recovering http access to the webGUI please?

Thanks!
« Last Edit: October 29, 2009, 12:03:10 am by johnmen »

Offline johnmen

  • Newbie
  • *
  • Posts: 2
    • View Profile
Saddly no one in this forum could help me with that.

I ended up resetting the firewall to factory default and started the configuration from stratch, which effectively removed the wrong certificate key file from the configuration and restored HTTP access for me.

Offline GruensFroeschli

  • Green Frog
  • Global Moderator
  • Hero Member
  • *****
  • Posts: 5058
  • No i will not fix your computer!
    • View Profile
    • FFXI related
Did you still have access to the box from the local console?
An option would have been to open the config.xml with vi, edit the faulty certificate out, and reboot.
We do what we must, because we can.
(Except when you PM me to help you directly - DONT: keep your issues in the forum)

Offline drizzle

  • Newbie
  • *
  • Posts: 5
    • View Profile
I managed to get the access back by running the 11) Restart WebConfigurator in the console setup menu

(After i Set the LAN IP address first of course)