renew certs from CLI

sgw

I have a pfsense with outdated certs, it was configured a few months ago but only deployed yesterday.

So the certs I moved over from the old hardware aren't valid anymore and I can't access the WebGUI.

Is there a way to trigger the cert renewal from ssh? I looked into the php-code, that might be a way. I see no certbot binary and no cronjob I can copy the command from.

any hint would be appreciated.

sgw

"/usr/local/pkg/acme/acme_command.sh renewall" did the trick. bingo

Gertjan

@sgw said in renew certs from CLI:

and I can't access the WebGUI.

Of course you can.
Instead of the URL, type the IP LAN of the GUI.
The browser will warn you, but insist, and override by clicking on the right buttons.
You'll enter the GUI, and you renew with the click of a button.

@sgw said in renew certs from CLI:

I see no certbot binary .....

Certbot ?
The package is called :

where acme comes from here.

Btw : there are many Letsencrypt user end clients. Certbot is just one of them.

@sgw said in renew certs from CLI:

I see .... and no cronjob

Here :

/etc/crontab

Install the pfSense Cron package ;)

sgw

@gertjan thanks for the info. Needed that on another system right now.