On 10/11/24 6:20 AM, Freek de Kruijf wrote:
I got the suggestion to use F12 in Firefox to see error messages. It revealed that the Content-Security-Policy was set too strict. But even setting all to 'self' is too strict. Still trying to figure out what the right setting is.
I explains why using localhost does not give the problem. I do not have a Content-Security-Policy for localhost.
That makes sense. My web-servers are on Arch, which simply sets all access restrictions through the conf files (and file ownership/permissions). If you are using a self-signed certificate, it makes sense to go ahead and get an actual ssl certificate from "Let's Encrypt" (it's free) and then you can use "certbot" to update it before it's 90 day expiration (they send you e-mail notices) If you run a mail-host, you can use the same ssl certificate for dovecot, etc.. That eliminates a lot of "nanny programs" that now refuse to talk to servers with self-signed certs. Up until about 5 years ago or so, self-signed certs are fine. -- David C. Rankin, J.D.,P.E.