Certificate Manager Package used?
-
What package does pfSense use to generate certificates for OpenVPN/OpenSSL?
Easy-RSA, 2cca, or something else?
Thank you! -
We use our own code to do the management, which in turn makes calls to OpenSSL through the PHP OpenSSL module in most cases, and in some cases to OpenSSL directly.
-
Thanks for the reply.
I was kinda fishing for a better solution than Easy-RSA - which Debian seems to be falling behind on keeping it updated. I figured if anyone knew what the best alternative was, it would be the pfSense people. Just didn't anticipate it would be a "roll your own" solution!ย :D -
Just use a pfSense instance somewhere on your network to manage your certs ;-)
Though it's not perfectly suited to being a general purpose CA, it sure beats having to mess with EasyRSA.
And on 2.4 you can sign CSRs as well as create certificates.