First of all - apologies for the similarity with previous posts by others - I did go through them but found no solution & there were many in French that I couldn’t understand.
I want to use Yunohost on a local network without external access. I installed on a Raspberry Pi2 successfully & can SSH to it without any problems. I ran yunohost tools postinstall & choice yunohost.local as the domain. I assigned 192.168.1.99 as the ip from the router.
Whenever I try to connect to the admin interface to complete the configuration with Firefox 52, I get SEC_ERROR_REUSED_ISSUER_AND_SERIAL without any option to temporarily add an exception. This happens when I access via https://192.168.1.99/yunohost/admin.
I don’t want to use DynDNS & cannot issue a letsencrypt cert without having a domain. How can I connect to & use yunohost locally?
(edited with additional info) I also tried adding a dnsmasq entry in the router to map 192.168.1.99 to yunohost.local & got the same problem in firefox when accessing https://yunohost.local
Not sure why you get SEC_ERROR_REUSED_ISSUER_AND_SERIAL …
Right now Yunohost is not very well designed to work without internet connection. This is also related to the fact that Firefox expect you to have a “valid” certificate and is grumpy about self-signed certificates.
Thinking about this, my opinion is that HTTPS is designed to ensure the confidentiality and authenticity of communications. But if you’re on a network you trust and using machines you trust (because these are yours), at the end of the day, HTTPS is pointless and you should simply use HTTP instead.
So I’d suggest that you go through the files in /etc/nginx/ and comment this block each time you see it… Then restart or reload nginx and test accessing the admin interface (and yunohost in general) in HTTP
That’s because you’ve already accepted YunoHost certificate before then did a reinstallation (which reset the local CA generated by YunoHost), Firefox consider this to be a security issue (because normally a CA root certificate is never reset or something like that).
To solve this, you need to browser firefox certificate manager and remove the previous certificate you’ve accepted for this domain. To warn you: this certificate manager is … no very intuitive -_-’