Backups of SSL keys/certificates
-
Examining the backup file config-pfsense..xml I see various hashes, none of which appear to my feeble eyes to be SSL keys/certs. Are these re-hashed for the backup, or is /cf/conf/acme/ not part of the backup?
-
My cert info :
You saw the name of the cert ?
Here it is, in the config.xml :
-
They are in the backup, just stuffed in a base64 encoded string as a part of their ca/cert entries.
-
@jimp
OK, that is good to know. Out of curiosity, is the cert converted to base64 ? Looks like the cert in .xml uses 700+ more bytes than its representation from the certificate manager. -
The certs are stored in PEM format with the whole thing encoded as base64. It will naturally gain some size in base64 in the process due to how base64 works.
-
@Gertjan
Yes, I viewed similarly here. I exported the cert from the cert manager and compared it to the one in the xml file. -
@jimp
OK, great!