Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Copy certificate to remote server

    Scheduled Pinned Locked Moved ACME
    2 Posts 2 Posters 709 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      karlisp
      last edited by

      Hello!

      I have done some research and can't seem to find answer for simple task of copying certificate to remote server and restarting services.

      So far I've set up script on pfSense that should be executed after renewing certificate, but cant seem to find how to generate private and public ssh key that will be used to communication between firewall and server. Also config file would be necessary to specify different ports or users.

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @karlisp
        last edited by

        @karlisp said in Copy certificate to remote server:

        but cant seem to find how to generate private and public ssh key that will be used to communication between firewall and server

        Strange πŸ˜€
        Because that one is also needed to access pfSense using it's SSH access.
        The ssh password method is meant to be used only ones, to be forbidden afterwards, with :

        371e3693-64a5-4bc7-8f69-0c7905ea0b6d-image.png

        See the pfsense manual, or about a million other sources on the net about how to create them, where what to place what etc.

        This info is valid for everything that is accessible with "ssh".

        Use a tool of your choice to create a (the) key(s) and cut and pasted it here :

        a751ab92-5a7a-4a3f-afcc-2002aaa12d16-image.png

        ( the admin user settings of pfSense, at the bottom of the page )

        About the scripts : many have already made something up, using some shell script.
        So many OS's exists, like the desktop ones, and OS's for devises likes printers, NAS's etc etc etc.
        It boils down as copying a file often the network - putting the file 'on the right place' - and signalling / restarting the services that uses these files == the new certs.

        For myself : when acme did it's job, every 60 days, I receive a mail.
        I added to the bottom of the mail :
        "As an admin, do your jobs, and extract these 2 files from pfSense, to put them in the 2 NAS's et 2 network printers."
        Not a bad thing, actually, as it takes 5 minutes, and I'm paid to do ^^

        I have a "root" access for my Syno NAS's, but I do not have such a ssh access for the printers, so the GUI way is the only way anyway.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.