Locked myself out of the webgui : SEC_ERROR_INADEQUATE_KEY_USAGE after setting up a new cert

So as title says, with some details :
After an upgrade to 25.10 (EDIT: 25.04 my bad), the GUI threw an error with my old certificate, and wouldn’t accept HTTPS connections.

To try and solve this, I simply created a new certificate, keeping most of the default options, and using the existing CA.

After doing so, connecting to my TrueNAS box from a web browser throws “SEC_ERROR_INADEQUATE_KEY_USAGE”, and will not let me go further.

As I also checked the “redirect HTTP → HTTPS”, it looks like I can’t access it via HTTP either.

Can I get myself out of this through the CLI ?
Also, what options should I have checked when creating the certificate, for it to be accepted as a GUI cert, when I hopefully can connect again and create a new one ?

Thanks

Why? 25.10’s very early in the pre-release process.

You should be able to disable the redirect at the shell with midclt call system.general.update '{"ui_httpsredirect": false}' followed by midclt call system.general.ui_restart.

As to the certificate options, you probably neglected to set the Profile of the CSR (in the first step on 25.04) to one of the HTTPS options.


My bad, it’s 25.04 indeed.

The midclt call worked to deactivate HTTPS and I’ve been able to login, thanks.

Regarding the certificate creation I know I had selected HTTPS RSA Certificate.

For the 4th step, ‘Extra constraints’, I have the following :

Does that look right ? I think it’s defaults, but not sure now, that’s a lot of options I don’t understand fully.

Either RSA or ECC should work, but ECC is teh new hawtness.

On the key usage config, you have some options selected that aren’t selected by default for me–the only ones I have selected are Digital Signature and Critical Extension. And a CRL with only those checked results in a cert that works.

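An added example, not part of the thread: before selecting a certificate as the GUI certificate, its usage extensions can be checked from the shell by feeding the output of `openssl x509 -noout -text` to a small filter. The function names, the sample inputs and the policy are assumptions of this example: Digital Signature must be allowed when Key Usage is present (TLS 1.3 requires that bit, and it is the option the working certificate above has), and TLS Web Server Authentication must be listed when Extended Key Usage is present.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Real use, with a placeholder path:
#   openssl x509 -in gui-cert.pem -noout -text | check_tls_server_usage

# Print the value line that follows the "X509v3 <name>:" header.
ext_values() {
    awk -v name="X509v3 $1:" '
        { line = $0; sub(/^[ \t]+/, "", line) }
        found { print line; exit }
        index(line, name) == 1 { found = 1 }'
}

# Return 0 if the usage extensions allow use as a TLS server certificate.
check_tls_server_usage() {
    text=$(cat)
    ku=$(printf '%s\n' "$text" | ext_values "Key Usage")
    eku=$(printf '%s\n' "$text" | ext_values "Extended Key Usage")
    rc=0
    # An absent extension places no restriction; a present one must allow the use.
    case "${ku:-Digital Signature}" in
        *"Digital Signature"*) echo "ok:   Key Usage: ${ku:-absent}" ;;
        *) echo "FAIL: Key Usage lacks Digital Signature: $ku"; rc=1 ;;
    esac
    case "${eku:-TLS Web Server Authentication}" in
        *"TLS Web Server Authentication"*) echo "ok:   Extended Key Usage: ${eku:-absent}" ;;
        *) echo "FAIL: Extended Key Usage lacks server authentication: $eku"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample inputs in openssl's text layout (not the poster's certificates).
sample_ok() { cat <<'EOF'
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage:
                TLS Web Server Authentication
EOF
}
sample_bad() { cat <<'EOF'
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Extended Key Usage:
                TLS Web Client Authentication
EOF
}

echo "server-style sample:"; sample_ok | check_tls_server_usage
echo "CA-style sample:"; sample_bad | check_tls_server_usage || echo "-> not usable for the GUI"
```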