Skip to main content

HSTS disabling in Browsers.

HSTS stands for HTTP Strict Transport Security,

Today I came up in a situation to renew the ssl certificate in netgate pfsense firewall. When taking the url in the browser am getting an error SEC_ERROR_EXPIRED_CERTIFICATE and my browser will not show the unsafe link to the site.

And I can only renew the certificate after getting the web url and login to the pfsense firewall. Like a dedlock situation.

How I solved this issue is to disable the HSTS checking in the chrome browser.

Just take the url chrome://net-internals/#hsts in your chrome browser and give your ssl expired domain in the "Delete domain security policies" section and click on "Delete".

 That is all, now you will get the "proceed with the unsafe" link and can login and install the new ssl certificate for  your pfsense firewall.

 Cheers.

Comments

Post a Comment

Popular posts from this blog

K8s External Secrets integration between AWS EKS and Secrets Manager(SM) using IAM Role.

What is K8s External Secrets and how it will make your life easier? Before saying about External Secrets we will say about k8s secrets and how it will work. In k8s secrets we will create key value pairs of the secrets and set this as either pod env variables or mount them as volumes to pods. For more details about k8s secrets you can check my blog http://jinojoseph.blogspot.com/2020/08/k8s-secrets-explained.html   So in this case if developers wants to change the ENV variables , then we have to edit the k8s manifest yaml file, then we have to apply the new files to the deployment. This is a tiresome process and also chances of applying to the wrong context is high if you have multiple k8s clusters for dev / stage and Prod deployments. So in-order to make this easy , we can add all the secrets that is needed in the deployment, in the AWS Secret Manager and with the help of External secrets we can fetch and create those secrets in the k8s cluster. So what is K8s external Secret? It i...
Post a Comment
Read more

Setting /etc/hosts entries during the initial deployment of an Application using k8s yaml file

Some times we have to enter specific hosts file entries to the container running inside the POD of a kubernetes deployment during the initial deployment stage itself. If these entries are not in place, the application env variables mentioned in the yaml file , as hostnames , will not resolve to the IP address and the application will not start properly. So to make sure the /etc/hosts file entries are already there after the spin up of the POD you can add the below entries in your yaml file. cat > api-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: spec:   template:     metadata:     spec:       volumes:       containers:       - image: registryserver.jinojoseph.com:5000/jinojosephimage:v1.13         lifecycle:           postStart:             exec:               command:...
Post a Comment
Read more

cPanel update fail with Needed RPMs not installed

Some time when we try to update the cpanel, the script will end with the following error: [2017-02-28 06:57:31 +0000]   No package redhat-rpm-config available. [2017-02-28 06:57:31 +0000] E Error: Nothing to do [2017-02-28 06:57:31 +0000] E (XID pzehwg) The system failed to execute yum with the arguments “-y -c /etc/yum.conf install redhat-rpm-config” be cause of an error: The “/usr/bin/yum” command (process 11852) reported error number 1 when it ended. : Error: Nothing to do [2017-02-28 06:57:31 +0000]   checkyum version 22.3 [2017-02-28 06:57:32 +0000] E Sysup: Needed system RPMs were not installed: redhat-rpm-config [2017-02-28 06:57:32 +0000] ***** FATAL: Cannot proceed. Needed system RPMs were not installed. [2017-02-28 06:57:32 +0000]   The Administrator will be notified to review this output when this script completes Solution ###### Just run the below command and proceed with the update. # yum clean all # /scripts/upcp
Post a Comment
Read more