![]() Why certification expiry isn't publicly broadcast is beyond me. We recommend that you import certificates signed by a CA on this list for the HTTPS proxy or Fireware Web UI, so that users do not see certificate warnings in. I too am on El Capitan 10.11.6 and was wracking my brain all night trying to figure it out. Hopefully this works for you as seamlessly as it did for me. Set: `When using this certificate:` to `Always Trust` - Close the window, which will ask you to verify with your login password. Manually "Trust" that certificate: - Find it ("ISRG Root X1") in the list and double click on it. ![]() But not `System Roots` (which is where it *would* be, if we were on 10.12.1+) - login = Current user only - system = All users. Install the certificate: - Via "Keychain Access.app" - `File > Import Items.` You can install it into either the `login` or `system` keychain. FINGERPRINT (SHA-1): CABD2A79A1076A31F21D253635CB039D4329A5E8 SOURCE: (Active > ISRG Root X1 > Self-signed > der) WHAT APPLE SHIPS 10.12.1+: - Search for: "ISRG Root X1" You should see that the fingerprints match between and. This is for *your* safety since you *shouldn't* trust me. Verify that the fingerprints match: - So you know that the Root Certificate I've linked to is in fact the one that LE provides and Apple has certified/trusted. ĭownload this Root Certificate: - NAME: "ISRG Root X1" (✅ Self-signed, ❌ NOT Cross-signed) URL:. ![]() Found this post and solved the issue immediately, can attest that all previously non-functional sites are now valid again. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |