pixelserv https certificate issue on iOS

[akb]

Hi all, i made a pixelserv https certificate because it looks like letsencypt is borked. I am able to get the https working my laptop outside the network, but when i try to use my phone, i get the unsecure https prompt. I have the pixelserv certificate in my profile already.

Any ideas?

 

[Mutzli]

Hi all, i made a pixelserv https certificate because it looks like letsencypt is borked. I am able to get the https working my laptop outside the network, but when i try to use my phone, i get the unsecure https prompt. I have the pixelserv certificate in my profile already.

Any ideas?

This was discussed in the pixelserv -tls thread a month ago. An updated version is available that creates a new certificate to meet the latest iOS requirements.
start reading this section: https://www.snbforums.com/threads/pixelserv-a-better-one-pixel-webserver-for-adblock.26114/page-157

 

[akb]

This was discussed in the pixelserv -tls thread a month ago. An updated version is available that creates a new certificate to meet the latest iOS requirements.
start reading this section: https://www.snbforums.com/threads/pixelserv-a-better-one-pixel-webserver-for-adblock.26114/page-157

Cool thanks looking into it now!

 

[akb]

This was discussed in the pixelserv -tls thread a month ago. An updated version is available that creates a new certificate to meet the latest iOS requirements.
start reading this section: https://www.snbforums.com/threads/pixelserv-a-better-one-pixel-webserver-for-adblock.26114/page-157

Actually this looks like the https for pixelserv blocking. I was refering to the pixelserv self signed cert for ddns. iOS is not working for that, i already have iOS workin great with pixelserv add blocking.

 

[akb]

Ok, so i actually see that even though i installed the pixelserv self signed cert for my DDNS, it shows as Not Verified. hmmm what am i missing?

 

[Mutzli]

It works for me with the latest pixelserv version 2.3.0 and a self signed certificate. I had to manually remove the old certificates from the iDevice and install the new one I created with 2.3.0. And of course do the same on the router web UI, renew the certificate for DDNS.

 

[mrchow]

Ok, so i actually see that even though i installed the pixelserv self signed cert for my DDNS, it shows as Not Verified. hmmm what am i missing?

The generated certificate is not iOS 13 compliant. A new and compliant certificate has to be created by pixelserv. Thus you have to upgrade to the most recent version. Afterwards existing certs have to be purged.

 

[akb]

It works for me with the latest pixelserv version 2.3.0 and a self signed certificate. I had to manually remove the old certificates from the iDevice and install the new one I created with 2.3.0. And of course do the same on the router web UI, renew the certificate for DDNS.

This was the issue, i was using the latest default version of pixelserv, not the 2.3.0 version. Duh! I upgraded and all is well thanks everyone!!

 

[akb]

Wait god damnit, i thought it was working because my DDNS cert shows as verified in the profile page of iOS, but when i visit the domain it shows unsecure again ARG. I know atleast moving to 2.3.0 got the cert from unverified to verified when its installed, but again iOS will not secure the domain, but other devices like laptop / desktops show it as secure.


EDIT: I am an idiot, apprently i need to toggle some trust setting in ios 13.0 + in addition to getting the cert verified. What a PITA. THANKS ALL