Closed europacafe closed 1 year ago
So you have exposed and installed a certificate on the CrowdSec port? Or are you using a reverse proxy?
Edit: I see the port within the error message, not in your original command... Okay, have you installed the CA cert on the Unraid system?
Edit Edit: I put 2 + 2 and made 5... So the error you are getting is because the certificate it is offering does not have any IP addresses or hostnames in the SANs field; this is automatically rejected as you don't know if the cert is a MITM attack. The better question I should start with is: how did you get this cert? Is it self-signed?
It is the self-signed one that comes pre-installed with the pfSense installation.
Then you will need to set insecure_skip_verify: true within the configuration, as it is not signed with a hostname or CA.
https://docs.crowdsec.net/docs/next/configuration/crowdsec_configuration#insecure_skip_verify
TLS is something that should be configured by the plugin itself, but we didn't include it in the first version. The PHP file crowdsec.inc is hardcoding "http" in the configuration, for both lapi and bouncer, so you may want to change it.
It is my bad. I have to specify the CrowdSec LAPI port 8080 too, i.e.,
cscli lapi register -u 1xx.xx.xx.x:8080
Thank you
I want my CrowdSec on my Unraid to use the LAPI on my pfSense. I issued this command on the CrowdSec console (running as a container on Unraid):
cscli lapi register -u 1xx.xx.xx.x
where 1xx.xx.xx.x is my pfSense IP running the CrowdSec full stack. As my pfSense always redirects to https:, registration can't pass through, and returns this message:
FATA[07-11-2023 14:23:11] api client register: api register (http://1xx.xx.xx.x/): Post "https://1xx.xx.xx.x.:10443/v1/watchers": tls: failed to verify certificate: x509: cannot validate certificate for 1xx.xx.xx.x because it doesn't contain any IP SANs
What should I do?