Two-tier PKI and OpenVPN - Do you use it?
-
Well, after successfully bringing Two-Tier PKI to work in, I wonder if anyone else use it in pfSense OpenVPN solutions (WebGUI is piece of cake, so don't even mention).
To anyone interested - PKI is AD CS based, successfully managed to add Netscape extensions for correct identification in WebGUI as 'server' certificates (didn't bothered in < 2.3, not really matters in 2.3+, but a will be a HUGE difference as number of connections grow), it really whips the llama ass to have only one Root CA cert to correctly identify and connect a bunch, often not even remotely connected (read - different enterprises/business, but under my supervision) systems.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.