Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    certificate management on pfsense machine and clients

    Scheduled Pinned Locked Moved Cache/Proxy
    3 Posts 2 Posters 437 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K Offline
      kiranpce
      last edited by

      Can somebody guide me how to do the certificate management on pfsense machine and windows clients for https filtering in squid. Best regards
      Kiran

      DaddyGoD 1 Reply Last reply Reply Quote 0
      • DaddyGoD Offline
        DaddyGo @kiranpce
        last edited by

        @kiranpce said in certificate management on pfsense machine and clients:

        certificate management on pfsense machine and windows clients for https filtering in squid

        Hi,

        This is always the first question 😉
        How big network do you want to filter and cache, as this is not worth the suffering on a few clients.

        It seems simple anyway, but it's not (think of GOV and bank pages https):

        Well, creates an intermediate Squid cert in pfSense (with Cert Mng) and then add it to the Cert repository of the windows machine (Trusted Root Cert.)
        (it does this on each machine individually)

        or you use a PAC file for many clients + WPAD
        https://wiki.squid-cache.org/SquidFaq/ConfiguringBrowsers
        https://docs.netgate.com/pfsense/en/latest/recipes/http-client-proxy-wpad.html

        Cats bury it so they can't see it!
        (You know what I mean if you have a cat)

        K 1 Reply Last reply Reply Quote 0
        • K Offline
          kiranpce @DaddyGo
          last edited by

          @DaddyGo Thanks I will the second option. May be I will have to something more on Linux, but I will. best regards Kiran

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.