Author Topic: Buffalonas blocked by browser for an untrusted certificate  (Read 44 times)

marco3253

  • Calf
  • *
  • Posts: 2
Buffalonas blocked by browser for an untrusted certificate
« on: January 11, 2019, 06:22:39 am »
Hi guys, this is pretty new to me.
I have two customers, both got a Buffalo Station Link Duo (don't think the version are pretty the same cause i bought them 3 years distance each other)
Anyway on the last customer i can't get the remote browsing work.

The port on the router are correct, prove of this is the app on the iPhone working (from another internet source, not lan).
But when i connect to buffalonas.com and type the ID i choose, the browser tells me that "the connection is not in a private modality" (i'm translating the message as in italian appears into the browser.
and also: "the website can assume the identity of xx.xx.xx.xx (ip address) to catch personal or financial informations bla bla bla"
there is nothing i can do to say "ok trust this" just i can go back to the buffalonas.com page.

The strange thing is that the first customer, with an older version of the station, is perfectly working from the same browser...

So what's happening, there is something wrong with this new NAS ?

Thank you

1000001101000

  • Debian Wizard
  • Tatanka
  • **
  • Posts: 61
  • There's no problem so bad you cannot make it worse
Re: Buffalonas blocked by browser for an untrusted certificate
« Reply #1 on: January 11, 2019, 06:50:49 am »
Take a look at the certificate thatís being regected, it should tell you a lot. If the cert is expired, using an outdated hash like sha1, or is from an untrusted issuer you should be able to see whatís going on and work from there.

Texturtle

  • Administrator
  • *****
  • Posts: 720
  • RAID is NOT a substitute for a good backup
Re: Buffalonas blocked by browser for an untrusted certificate
« Reply #2 on: January 11, 2019, 08:57:06 am »
The most likely thing is that the customer with no errors is not using HTTPS. Every Buffalo NAS has a certificate pre-installed, but it's self-signed by Buffalo and therefore will never be considered a "trusted" certificate by any browser.

The reason is that a self-signed cert can't be verified to belong to the assumed owner of the site. Data transfers are still encrypted, and as long you know for sure you're connecting to the correct site it's still technically secure, but every browser will tell you it isn't.

The only way to correct that is to install a valid certificate.