Yunohost in local network only


First of all - apologies for the similarity with previous posts by others - I did go through them but found no solution & there were many in French that I couldn’t understand.

I want to use Yunohost on a local network without external access. I installed on a Raspberry Pi2 successfully & can SSH to it without any problems. I ran yunohost tools postinstall & choice yunohost.local as the domain. I assigned as the ip from the router.

Whenever I try to connect to the admin interface to complete the configuration with Firefox 52, I get SEC_ERROR_REUSED_ISSUER_AND_SERIAL without any option to temporarily add an exception. This happens when I access via

I don’t want to use DynDNS & cannot issue a letsencrypt cert without having a domain. How can I connect to & use yunohost locally?

(edited with additional info) I also tried adding a dnsmasq entry in the router to map to yunohost.local & got the same problem in firefox when accessing https://yunohost.local


Right now Yunohost is not very well designed to work without internet connection. This is also related to the fact that Firefox expect you to have a “valid” certificate and is grumpy about self-signed certificates.

Thinking about this, my opinion is that HTTPS is designed to ensure the confidentiality and authenticity of communications. But if you’re on a network you trust and using machines you trust (because these are yours), at the end of the day, HTTPS is pointless and you should simply use HTTP instead.

The only difficulty with this is that by default, Yunohost tries to force the admin interface to be used with https, here :

So I’d suggest that you go through the files in /etc/nginx/ and comment this block each time you see it… Then restart or reload nginx and test accessing the admin interface (and yunohost in general) in HTTP


That’s because you’ve already accepted YunoHost certificate before then did a reinstallation (which reset the local CA generated by YunoHost), Firefox consider this to be a security issue (because normally a CA root certificate is never reset or something like that).

To solve this, you need to browser firefox certificate manager and remove the previous certificate you’ve accepted for this domain. To warn you: this certificate manager is … no very intuitive -_-’

It’s this stuff if I’m not mistaking

Thanks Bram - your answer was exactly right.

I had certificate from an ancient installation test that had to be deleted in Firefox.

After deleting it - all is well!

1 Like