Certificate Autority

RenJ

hI
Is any body can help me?
I receved this answer from Natgate support:

TAC Lite is limited, for the most part, to the following:
Hardware issues (while under warranty)
pfSense firmware reinstallation (and downloads)
Zero-to-ping -- connecting a single device to the firewall and establishing an internet connection, and verifying connectivity. Review the FAQ here for what ZTP entails.

So, I bought a SG-2100 in september 26.
I'm to the Certificate Manager.

My question is:

Why when I tried to meka a Autority Certificate I recived the answer:
Invalid Certificate.

Thank you

johnpoz

@renj what did you put in the fields? You pretty much give it a name and that is really all you have to do..

So I take it your trying to import a ca? Do you have a CA cert? Where did you get it from?

RenJ

Thank you for answer me!

No I try to make my CA.
Do I have to buy or somting other way?

johnpoz

@renj no there is nothing to buy..

example here is a new CA.

You click the add button at the bottom of the CA tab, and look this is all I edited. And you don't even have to pick a country code if you don't want to. You don't even have to change the common name if you don't want to, it defaults to internal-ca. Then click save and have a new ca.

So what did you put in? I mean its pretty cut and dry.. You just really have to fill in the Descriptive name field and hit save..

RenJ

@johnpoz
I did that but when I tried to use after I filled a client or server certificate I recived the answer: invalid CA.

johnpoz

@renj Going to need some details, like a screenshot of what you filled an and the error. Because here, I just created a cert from exampleca I created.

I don't even know how you could mess this up really to be honest.,

What version of pfsense are you using?

RenJ

Thank you Johnpaz
You was right!

Now, I'm on Packages Manager.
I have, under Instaled Packages window; two isntalled Packages.
At the bodom of this window, I have a message in red:
Package is configured but not (fully) installed or deprecated.
So, In the available packages window I have notting.
Probaly this red message is the problem?

What that mean?
I need those packages to finich my set-up!

Thank you verry much!

rcoleman-netgate

@renj I suggest a new topic under https://forum.netgate.com/category/5/installation-and-upgrades for that.

Screen shots are not required but are encouraged so that people can see exactly what you are. Feel free to redact serial numbers, NDIs and any public IP addresses from those images.

Gertjan

@renj said in Certificate Autority:

So, In the available packages window I have notting.

You don't see these :

?

@renj said in Certificate Autority:

I have, under Instaled Packages window; two isntalled Packages.
At the bodom of this window, I have a message in red:
Package is configured but not (fully) installed or deprecated.

We all have this :

If an installed package is marked in red => now you know what that means.
If an installed package is marked in yellow => now you know what that means.