SSL Certificate Chain files

  • I had a lot of troubles with using SSL certificates from places like instantssl that require a chain file to work correctly.  Anyway, back in 12/2006 I started messing with hacking in the certificate chain support into the webgui for at least the captive portal, which worked but was messy and not worthy of distribution.  So, almost 2 years later I have some code that will "work" for the chain import for the webgui and portal and figured I'd post if up here for others to either use, update for 1.3 or ridicule.

    There are 4 files that need touched:

    All are contained in the tar file here.

    These were all written under 1.2, so using them on other versions may cause unforseen weirdness.


    Please, remember that these are currently unsupported by the pfsense team, feel free to email me and I'll do my best to help but I do have a day job and somewhat of a life, so I'll answer as I get time.    Use at your own risk, I'm not a developer so these may not be optimal code, insert other random disclaimer here.

    If I ever get my development environment back up maybe I'll update these and submit them to coreteam, until then, they're unsupported (also feel free to fix any mistakes I may have made and post them here!).

  • thanks so much !!!

  • @dtran:

    thanks so much !!!

    Hopefully it'll work for you, let me know either way!


  • Hello,

    I tested your solution and it settled properly.
    I pasted my certificate chain in PEM format in the field that
    you created.
    But apparently it still does not work: have you had other
    return? Your module works there really?

    Thank you in advance.


  • Yes, this worked the last time I applied it, which was a little over a year ago.  I have not revisited it since then since pfsense 2.0 has very different ssl support and I no longer have a work need to continue working on it. 
    What error are you seeing and what version of pfsense are you running?

  • Pfsense 2.0 is not out yet right?

    I have version 1.2.3-RC1.

    Thank you


  • UP !

  • 2.0 is not out yet.  I think I wrote my patches for 1.2.2, IIRC.

  • @buraglio:

    2.0 is not out yet.  I think I wrote my patches for 1.2.2, IIRC.

    Ok, thank you.

    I'll test in 1.2.2.