I was running Sonarr fine with Mono 3.x and trying to get SSL to work correctly. Got the certificate loaded and it would recognize, however I’d get a pop up to select a Client Certificate each time I accessed it.
After finding this thread, I decided to proceed with the upgrade to Mono 4.2.1.102-6 and after upgrade, SSL does work, however it’s still prompting for the Client Certificate.
Any ideas on how to solve this? I just want to get rid of the request for a client certificate. Thanks.
New ciphers aren’t supported so some browsers blockt he connections by default (chrome and FF both do this)
Mono doesn’t support intermediate certificates, which results in a broken chain and the browsers end up requesting a client certificate
The second issue can be mitigated by using a certificate chain that doesn’t have an intermediate certificate, but most CAs use an intermediate certificate (at least the trusted public ones), which means it leaves you to a self signed certificate. The easiest solution for the time being is a reverse proxy with nginx or apache.
Makes sense, thanks for the prompt response and explanation.
I’ve looked all over and tried various ways to setup reverse proxy, but been unsuccessful. Any chance you have a recommended resource for setting this up on Synology? Wishful thinking here.
New to Linux, so searching/reading everything I can, but haven’t found the proper solution yet.
