Untrusted certificate for Octoprint
So, I've recently updated my Prusaslicer to 2.3 alpha 4 (was using alpha 2 before) and now PrusaSlicer won't connect to my Octoprint anymore: it is a locally set up Octoprint without any access to the outside world. It keeps telling me that the certificate isn't trusted anymore. I've tried importing the certificate to my certificate store, but no luck. still not trusted. Where do I go from here?
Exact error message that PrusaSlicer gives me when testing the connection:
Could not connect to OctoPrint: Peer certificate cannot be authenticated with given CA certificates:
schannel: next InitializeSecurityContext failed: SEC_E_UNTRUSTED_ROOT (0x80090325) - The certificate chain was issued by an authority that is not trusted.
[Error 60]
Note: OctoPrint version at least 1.1.0 is required.\
I know it is impossible for https to be secured with a self signed certificate if it is a .local address (I'm using a default setup of Octoprint on my Raspberry Pi 3B)
How do I fix this?
RE: Untrusted certificate for Octoprint
So, I've recently updated my Prusaslicer to 2.3 alpha 4 (was using alpha 2 before) and now PrusaSlicer won't connect to my Octoprint anymore: it is a locally set up Octoprint without any access to the outside world. It keeps telling me that the certificate isn't trusted anymore. I've tried importing the certificate to my certificate store, but no luck. still not trusted. Where do I go from here?
Exact error message that PrusaSlicer gives me when testing the connection:
Could not connect to OctoPrint: Peer certificate cannot be authenticated with given CA certificates:
schannel: next InitializeSecurityContext failed: SEC_E_UNTRUSTED_ROOT (0x80090325) - The certificate chain was issued by an authority that is not trusted.
[Error 60]
Note: OctoPrint version at least 1.1.0 is required.\I know it is impossible for https to be secured with a self signed certificate if it is a .local address (I'm using a default setup of Octoprint on my Raspberry Pi 3B)
How do I fix this?
I would rather post problems with PS 2.3.0 alpha 4 at github: https://github.com/prusa3d/PrusaSlicer
Possibly this problem is already listed there.
Statt zu klagen, dass wir nicht alles haben, was wir wollen, sollten wir lieber dankbar sein, dass wir nicht alles bekommen, was wir verdienen.
RE: Untrusted certificate for Octoprint
First i would make sure that the hostname you are accessing octopi matches whats in the certificate under subject and/or subject alternative name, if it doesn't match that could be causing issues. To fix that you either need to match the host name on the certificate or generate a new certificate with the new hostname.
then download a copy and upload it to your computer and probably user accounts root certificate store.
the only other way around that would be to get a certificate issued by a signing authority, not sure if there is a way to do that using something like let's encrypt.
If that doesn't work then something else might causing an issue like an unsupported cryptographic cipher.
RE: Untrusted certificate for Octoprint
Set the connection to use http instead of https to remove the error. If you prefer keeping https, then replace the certificate with one created by a trusted CA or import the cert from the octoprint instance (can export it from the browsers inspect cert dialogue) into your trusted certificates.
RE: Untrusted certificate for Octoprint
I did the following for me and it connected fine during the test.
First i followed the steps outlined here for creating a new SSL certificate and restarting the services.
Then once that's up an running, i checked to ensure the subject matches the hostname of the octopi, and if it does copied it to a file (DER x509).
Then opened up the certificates mmc for computer and local user account
Then import the cer/crt file you made earlier into the trusted roots certificate store.
Hope that helps.
