Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Export CA | Do I have to pay attention to anything?

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 537 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      slu
      last edited by

      Hi,

      we use FreeRADIUS with a cert of our CA for EAP-TTLS.
      Since the employes need the CA on their private smartphone we would host it on a public webserver to download it.

      Do I have to pay attention to anything if I export it with "Actions -> Export CA"?
      Is there any security risk to share our CA public (shouldn't without key)?

      pfSense Gold subscription

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        There shouldn't be any significant risk there with just the CA cert and no key. Unless of course your cert contains any sensitive information. You should check that.
        I would still host it somewhere accessible only via the direct link for example.

        Steve

        S 1 Reply Last reply Reply Quote 1
        • S Offline
          slu @stephenw10
          last edited by

          @stephenw10 said in Export CA | Do I have to pay attention to anything?:

          Unless of course your cert contains any sensitive information. You should check that.

          You mean the CN name or something like this?

          I would still host it somewhere accessible only via the direct link for example.

          Yes, thats a good idea.

          pfSense Gold subscription

          stephenw10S 1 Reply Last reply Reply Quote 0
          • stephenw10S Offline
            stephenw10 Netgate Administrator @slu
            last edited by

            @slu said in Export CA | Do I have to pay attention to anything?:

            You mean the CN name or something like this?

            Yes. Or someones email address etc. Something you may not want public.

            Steve

            1 Reply Last reply Reply Quote 1
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.