import pfsense ca cerrtificates in linux system(ubuntu/centos) for squid https configuration in pfsense
-
Hello
want to import certificates in linux system of pfsense ca certificate for squid https men in middle attack configuration.
-
i don't understand exactly what do you want to do but you can export / import /create from System -> Certificate Manager
if it's this what you want there is an howto here https://turbofuture.com/internet/Intercepting-HTTPS-Traffic-Using-the-Squid-Proxy-in-pfSense -
have configured self signed certificates in pfsense.
so now i want to import that certificates in system like ubuntu and centos.so how can i do this..
in windows i have done. but have face issue in linux based system.
becoz i have few system that use linux in local network and my gateway is pfsense.
-
i want to block few https sites only rest all will be access.
-
this have nothing to do with pfsense,you should have better help from ubuntu/centos/linux forum, in any case
export the certificate from pfsense and copy it on your linux machine
For Ubuntu:
Create a directory for extra CA certificates in /usr/share/ca-certificates:sudo mkdir /usr/share/ca-certificates/extraCopy the CA .crt file to this directory:
sudo cp foo.crt /usr/share/ca-certificates/extra/foo.crtadd the .crt file's path relative to /usr/share/ca-certificates to /etc/ca-certificates.conf
sudo dpkg-reconfigure ca-certificatesTo do this non-interactively, run:
sudo update-ca-certificatesFor CentOs
Install the ca-certificates package: yum install ca-certificatesEnable the dynamic CA configuration feature:
update-ca-trust force-enable
copy the exported crt file
cp foo.crt /etc/pki/ca-trust/source/anchors/
update-ca-trust extract -
Great it is working fine..
Have one issue that want to block youtube facebook etc few sites i want to block .not all https.
so how we can configure that all https will be accessible and few will be block..
please suggest..
thank you...
-
read this
https://forum.netgate.com/topic/74934/how-to-block-youtube-in-pfsense/20