Info
KeePass Hub
B. Server Configuration
2) Certificates
Setting up a Self-Signed Certificate
Let's Encrypt - Free Certificates
Trust Warning
TLS / SSL Policy Errors
Sitemap
Info  >  KeePass Hub  >  B. Server Configuration  >  2) Certificates  >  TLS / SSL Policy Errors Page last modified Nov 23 2021, 20:59

TLS / SSL Policy Errors

Users prefer Pleasant Password Server with a KeePass client!

You may receive a warning telling you that security issues were encountered.

Related topic:

Trust Warning

This error is most common if you are using the self-signed certificate:

                  SSL Policy Error

Listed possibilities are:

  • Remote Certificate Chain errors (A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.)
  • Remove Certificate name mismatch (https://localhost:10001)(CN=PasswordServer_Temporary_Placeholder_Certificate)

Decision to Continue

  • If you are certain that you are securely connected to your server (i.e. the name and thumbprint displayed by the client matches the server thumbprint), you can continue.
  • However, if you are not sure about having established a secure connection, do not continue or you may risk exposing your secret data; check with your administrator for assistance.
  • If you do not wish to see this message again until the thumbprint changes, click "Do not show this message again for this certificate".

Possible Reasons for This Message

  • You are using the default self-signed certificate
  • You are using a certificate that doesn't match your FQDN (Fully Qualified Domain Name)
  • Your certificate or server address has changed
  • Your certificate may have been intercepted and you are the victim of a man-in-the-middle attack

Checks

  • By default, in an secured intranet environment, you should generally be safe even if using the default certificate.
  • For security reasons, we recommend using Password Server with an FQDN and a third-party signed certificate.
  • Check that your certificate thumbprint matches your server thumbprint and choose accordingly whether to continue or not. If you are being attacked and you continue, all your secret data will be at risk of exposure.