Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Automation of users and certificates creation

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 364 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      ferchu
      last edited by

      Hi,

      I regularly have to create new users in my pfsense installation. Normally, the process involves:

      • setting the username
      • stetting the full name
      • selecting the CA
      • overriding the default key size
      • overriding the default expiration date
      • exporting the asociated OpenVPN (.ovpn) profile

      Is there any way to automate this, at least all the user creation bits (i.e., excluding the ovpn profile export).

      Note: it's totally fine if automating things involves me SSH'ing to PFsense as opposed to using the GUI.

      Thanks!

      • F
      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        There is no built in automation for that. You could probably do something with php shell scripts. Some coding would be required though.

        https://docs.netgate.com/pfsense/en/latest/development/php-shell.html

        Steve

        F 1 Reply Last reply Reply Quote 0
        • F
          ferchu @stephenw10
          last edited by

          @stephenw10 Hello, Steve! Thanks so much for your prompt response!

          Quick question: is it a valid expectation that for everything that can be done in the GUI it's also possible to do it with the PHP shell?

          I ask because I've just checked the reference you've provided, but it seems it's not possible to e.g. create users or user certificates via PHP shell.

          Is that correct?

          Thanks!

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            No, pfSense is intended to be used through the webgui. There will be functions that only work that way. But you could likely create a php shell script that created users with certs. It would need to be coded directly though.
            If you have a very large number of users you probably want to be using some external authentication server anyway.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.