Installing Brave with a self-signed certificate

Hello All,

I have an OPNsense firewall where I’ve installed the Squid web proxy as an invisible forward proxy to prevent access to things like Instagram and Facebook. In OPNsense I created a new self-signed root certificate. I then used this to generate certificates, which I installed on our computers, both in the CA store and the browsers. Works great. The problem is I can no longer update Brave browser on the machines that have it, or install it on the machines that don’t.

In Linux I’m getting this error in apt/nala:

Error: https://brave-browser-apt-release.s3.brave.com stable InRelease
Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification.

How do I get around this? I have listed .brave.com in my no bump list and set the CURL_CA_BUNDLE environment variable. The variable allowed me to set up the source in apt, but that’s as far as I could get.

Any help would be greatly appreciated!

@jarguess

And you have tested different CA Certificate trust levels(?) - random screenshot of those (from my Mac, Keychain Access.app), for example (what needs to be enabled?):

Anyway, perhaps @fmarier will be able to help you.

That error comes from apt and not from Brave. So you’d have to add your extra root certificate to ca-certificates at the system level. This might help:

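The system-level install suggested in the last reply, as an added example that is not part of the original thread: it copies the proxy's root CA into the Debian/Ubuntu `ca-certificates` anchor directory, rebuilds the bundle, and confirms the CA is actually in it. The source file and anchor name given on the command line are assumptions; the function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread). Paths follow Debian/Ubuntu ca-certificates;
# the source file and anchor name passed on the command line are assumptions.
BUNDLE=/etc/ssl/certs/ca-certificates.crt
ANCHOR_DIR=/usr/local/share/ca-certificates

# Print the base64 body of each certificate in a PEM file, one per line,
# with line wrapping and CR characters removed so copies compare equal.
pem_bodies() {
    awk '/-----BEGIN CERTIFICATE-----/ { body = ""; on = 1; next }
         /-----END CERTIFICATE-----/   { if (on) print body; on = 0; next }
         on { gsub(/[ \t\r]/, ""); body = body $0 }' "$1"
}

# 0: the single certificate in $1 is in bundle $2; 1: it is missing;
# 2: $1 is not PEM (e.g. a DER export); 3: $1 holds more than one certificate.
ca_in_bundle() {
    want=$(pem_bodies "$1")
    [ -n "$want" ] || return 2
    [ "$(printf '%s\n' "$want" | grep -c .)" -eq 1 ] || return 3
    pem_bodies "$2" | grep -qxF -- "$want"
}

# Copy the CA into the local anchor directory, rebuild the bundle, verify.
install_proxy_ca() {
    src=$1 name=$2
    ca_in_bundle "$src" /dev/null; rc=$?
    [ "$rc" -le 1 ] || { echo "$src: need one PEM certificate (rc=$rc)" >&2; return "$rc"; }
    # update-ca-certificates only picks up files whose name ends in .crt
    install -m 0644 "$src" "$ANCHOR_DIR/$name.crt" || return 1
    update-ca-certificates || return 1
    ca_in_bundle "$src" "$BUNDLE"
}

# Run as root: sh install-proxy-ca.sh /path/to/proxy-root-ca.pem proxy-root-ca
if [ "$#" -eq 2 ]; then
    install_proxy_ca "$1" "$2" && echo "CA present in $BUNDLE; retry apt update"
fi
```

The two failure codes cover the usual reasons the CA never reaches the bundle: a DER export instead of PEM, or a chain file where a single root certificate is expected.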