Pi-hole certificate

Emil · 8 April 2025 08:47

Details:
    Date | 2025-04-08 08:35:26
    Program name | DietPi-Software
    Command | apt-get -y -eany update
    Exit code | 100
    DietPi version | v9.11.2 (MichaIng/master)
    Distro version | bullseye (ID=6,RASPBIAN=1)
    Kernel version | Linux DietPi4 6.1.21-v8+ #1642 SMP PREEMPT Mon Apr  3 17:24:16 BST 2023 aarch64 GNU/Linux
    Architecture | armhf
    Hardware model | RPi 4 Model B (aarch64) (ID=4)
    Power supply | (EG: RAVPower 5V 1A)
    SD card | (EG: SanDisk Ultra 16 GB)
    Pre-image | Raspbian Lite

After upgrading pi-hole from v5 to v6 I see an outdated certificate when calling “https://pi.hole:8443/admin/”:

Allgemeiner Name: pi.hole
Organisation: Pi-hole
Land: DE
Gültigkeit:
Beginn: Sat, 22 Feb 2025 19:12:03 GMT
Ende: Mon, 22 Feb 2055 19:12:03 GMT
DNS-Name: pi.hole
. . .

An ideas how to install a valid certificate?

Thank’s for reading, Emil

Joulinar · 8 April 2025 09:10

Seems to be valid until 2055, in 30 years

Emil · 8 April 2025 10:04

So why do I get

Fehlercode: SEC_ERROR_UNKNOWN_ISSUER

Thank’s for reading, Emil

Joulinar · 8 April 2025 10:17

because certificate is self-signed and not trusted, which is expected for self-signed certificates https://www.ssldragon.com/how-to/fix-ssl-errors/sec-error-unknown-issuer/

2. Self-Signed SSL certificate

If you use a self-signed cert on your site, Firefox will display the ERROR_SELF_SIGNED_CERT error. Not a single browser will ever trust a self-signed certificate because anyone can issue it. Unless you deploy them in a testing environment, self-signed certs won’t do any good to your website.