Author Topic: Buffalonas blocked by browser for an untrusted certificate  (Read 86 times)

marco3253

  • Calf
  • *
  • Posts: 4
Buffalonas blocked by browser for an untrusted certificate
« on: January 11, 2019, 06:22:39 am »
Hi guys, this is pretty new to me.
I have two customers, both got a Buffalo Station Link Duo (don't think the version are pretty the same cause i bought them 3 years distance each other)
Anyway on the last customer i can't get the remote browsing work.

The port on the router are correct, prove of this is the app on the iPhone working (from another internet source, not lan).
But when i connect to buffalonas.com and type the ID i choose, the browser tells me that "the connection is not in a private modality" (i'm translating the message as in italian appears into the browser.
and also: "the website can assume the identity of xx.xx.xx.xx (ip address) to catch personal or financial informations bla bla bla"
there is nothing i can do to say "ok trust this" just i can go back to the buffalonas.com page.

The strange thing is that the first customer, with an older version of the station, is perfectly working from the same browser...

So what's happening, there is something wrong with this new NAS ?

Thank you

1000001101000

  • Debian Wizard
  • Tatanka
  • **
  • Posts: 63
  • There's no problem so bad you cannot make it worse
Re: Buffalonas blocked by browser for an untrusted certificate
« Reply #1 on: January 11, 2019, 06:50:49 am »
Take a look at the certificate thatís being regected, it should tell you a lot. If the cert is expired, using an outdated hash like sha1, or is from an untrusted issuer you should be able to see whatís going on and work from there.

Texturtle

  • Administrator
  • *****
  • Posts: 723
  • RAID is NOT a substitute for a good backup
Re: Buffalonas blocked by browser for an untrusted certificate
« Reply #2 on: January 11, 2019, 08:57:06 am »
The most likely thing is that the customer with no errors is not using HTTPS. Every Buffalo NAS has a certificate pre-installed, but it's self-signed by Buffalo and therefore will never be considered a "trusted" certificate by any browser.

The reason is that a self-signed cert can't be verified to belong to the assumed owner of the site. Data transfers are still encrypted, and as long you know for sure you're connecting to the correct site it's still technically secure, but every browser will tell you it isn't.

The only way to correct that is to install a valid certificate.

marco3253

  • Calf
  • *
  • Posts: 4
Re: Buffalonas blocked by browser for an untrusted certificate
« Reply #3 on: January 21, 2019, 07:07:46 am »
Hi Guys and thank you for the answers.
I didn't forget to reply to you, i was just taking some days to make some tests.

I guess the certificate should be released from buffalonas.com website, because it's the website where i'm connecting to, then there is the redirect. Anyway, i tried but there is no "https" at the beginning of the string.
This is a video of what's happening. The first working is relative to the customer1, installed 3 years ago still working with no problem.
The customer 2 as you can see i'm unable to connect, also with different browsers.
The configuration on the router is correct, the prove of this is that the APP on the iPhone is working.

What should I do?

Here's the video on youtube: https://youtu.be/qeFyIFGyGsg

Texturtle

  • Administrator
  • *****
  • Posts: 723
  • RAID is NOT a substitute for a good backup
Re: Buffalonas blocked by browser for an untrusted certificate
« Reply #4 on: January 21, 2019, 08:59:43 am »
It would appear that the second browser is set to not allow HTTP connections, only HTTPS.

marco3253

  • Calf
  • *
  • Posts: 4
Re: Buffalonas blocked by browser for an untrusted certificate
« Reply #5 on: Today at 02:43:55 am »
It would appear that the second browser is set to not allow HTTP connections, only HTTPS.

They're not different browsers, it's Safari on a Macbook. I tried also with Chrome but the results are the same.
What change from first test to the second one it's the customer (different NAS different Router different ISP).
On the App for iPhone it's working, so it's something related to http connections, maybe the App talks on another port.

There is not official support for this? The NAS is new.