Captive Portal HTTPS Login Page and Letsencrypt Cert update



  • Hello!

    Thought that I might be missing something here or perhaps overthinking things.

    I was able to successfully set up an automated renew and issue for our webconfigurator site cert and captive portal login page.  The webconfigurator cert is updated with no issues as I'm able to run a single shell command requesting a restart of the webconfigurator.

    My question is, can I do something similar with the captive portal system to use the newly issued cert from letsencrypt?  After the certificate for my captive portal successfully updates from letscrypt,  the only way I have found to be able to update it is to either go into the captive portal configuration page and actually click on "save" or to add a shell command to restart the entire system - this seems to be a bit of overkill to me.

    Any suggestions on how to automate the reloading of the captive portal new certificate would be most greatly appreciated.

    Thanks,
    -Matt  :)



  • Same question here pfSense Forum » pfSense English Support » Packages » Let´s Encrypt Error with nsupdate.
    Once the cert of the captive portal is updated, the web server  that runs the SSL part (a copy of nginx) has to be restarted or at least reloaded if that's possible.
    As far as I known, a script that only restarts the captive portal doesn't exist.

    But …. inspected this script : /etc/rc.restart_webgui - the one that is proposed to restart the web server that runs the GUI : it also restarts the web server that runs captive portal ;)

    Btw : This means that a script that ONLY restarts the captive portal can be made easily, if needed  ;)


  • Rebel Alliance Developer Netgate

    Use /etc/rc.restart_webgui like the example shows, that will restart nginx instances for the GUI and Captive Portal. It happens quickly, there isn't really any incentive to restart only one or the other for something as infrequent as a certificate update (once per month at most, could be as rare as once every 90 days)


Log in to reply