I was trying to access click.discord.com from my LAN and got the error “You cannot visit click.discord.com right now because the website uses HSTS.” I tethered to my phone and everything worked as expected. When I dug into it a bit I can see its getting back the self signed cert from pfSense+ so my guess is pfBlockerNG does not like this domain for some reason.
Is there any way I can add an exception? I think this domain is legit; it’s used by Discord to verify a login attempt from a new IP. Usually comes via a verification email.
Common Name (CN) pfSense-pfBNG-DNSBL-64f3a03585da6
Organization (O) pfBlockerNG DNSBL Self-Signed Certificate
Organizational Unit (OU) <Not Part Of Certificate>