Problem Description
Clients are refusing to allow exceptions for my self-signed certificate because the Common Name still shows the hostname for my system.
Steps to Reproduce
- Set up FreedomBox and register / configure domain name
- Harbour profound distrust of LetsEncrypt
- Configure eJabberd and test using JSXC
- Connect with Gajim and attempt to allow exception for invalid SSL certificate
- Dialog will continue to re-appear in cases where Common Name is mismatched. Gajim developers confirm this is a feature and not a bug.
Expected Results
I’m looking up how to use openssl to regenerate /etc/ejabberd/ejabberd.pem with the correct hostname.
I came to the forums to ask where else on Freedombox I might find self-signed certificates with the old hostname, aside from the apps themselves?
Having a management panel for self-signed certificates in opposition to a panel for LetsEncrypt seems like it would be very helpful for this.
Actual results
I get an error with the following message:
Certificate not valid
In this case, the error does not go away. Closing the dialog via “x” refuses the connection.
Information
- FreedomBox version: 22.15
- Hardware: Raspberry Pi 4B
- How did you install FreedomBox?: sudo apt install freedombox on a fresh Debian Bookworm