ERR_SSL_SERVER_CERT_BAD_FORMAT after yunohost installation

#1

Hi all,

I just follow this installation and it’s seems work (no invalid password) but now, when I m going to 192.168178.27/yunohost/admin,

I have a ERR_SSL_SERVER_CERT_BAD_FORMAT.
In firefox I have more information

192.168.178.27 uses an invalid security certificate. The certificate is not trusted because the issuer certificate is unknown. The server might not be sending the appropriate intermediate certificates. An additional root certificate may need to be imported. The certificate is only valid for the following names: yunohost.org, www.yunohost.org, ns.yunohost.org Error code: SEC_ERROR_UNKNOWN_ISSUER

I made a research on the forum and nothing found (but on ddg yes). Is it a bad configuration of myself ?

thanks.

#2

bad adress (must be yunohost/admin)

#3

You get this message because YunoHost uses a secure connection but no trusted certificate is found. This is normal and is YunoHost’s default behavior.

Just add an exception to your website by clicking the “Advanced” button and then “Add an exception…”, you’ll then be able to access your server web interface without any problem. Note that you’ll need to do this for every browser you’ll use (Chrome, Safari, Opera, etc.). [You can find more information in the Firefox Documentation] (https://support.mozilla.org/en-US/kb/troubleshoot-SEC_ERROR_UNKNOWN_ISSUER)

#4

I see that many people are seeing this thread (from Discourse statistics) so I’m adding a more detailed answer both in english and french :


(EN) :gb:

As stated by @theodore :

  • It is expected to get this message because yunohost is configured to use HTTPS by default. However, HTTPS rely on having a certificate signed by a certification authority. After post-install, YunoHost only have a self-signed certificate which is not enough to guarantee to a visitor coming to your server/website that the connection is authenticated… (More info on this page, “About certificates”.)
  • Nevertheless, if you are the administrator of this server and are sure to access your server that you just sat up, it is fine to add an exception (button Advanced, Add an exception…)
  • On the mid/long-term, you should consider this procedure to add a Let’s Encrypt certificate so that other visitor don’t get this warning.

(FR) :fr:

Comme dit par @theodore :

  • Il est “normal” d’obtenir ce message car YunoHost est configuré pour utiliser HTTPS par défaut. Cependant, HTTPS dépend de l’utilisation de certificats signés par des autorités de certification. Juste après la post-install, YunoHost dispose seulement d’un certificat auto-signé, ce qui n’est pas suffisant pour garantir aux visiteurs de votre site/serveur que la connexion est authentifié… (Plus d’infos sur cette page this page, “À propos des certificats”.)
  • Néanmoins, si vous êtes l’administrateur de ce serveur et que vous êtes relativement sur d’accéder à la bonne machine, il est raisonnable d’ajouter une exception (Avancé > Ajouter une exception).
  • Sur le moyen/long-terme, vous devriez néanmoins installer un certificat Let’s Encrypt en suivant cette procédure pour que les visiteurs de votre site/serveur n’ai pas d’avertissement.
2 Likes