Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Are certificates stored in backup?

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 3 Posters 443 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • wgstarksW
      wgstarks
      last edited by

      I just purchased a new 4200 and will be restoring it from a backup xml file. I can see that apparently all the settings are in the xml but I'm wondering about ssl and ssh certificates/keys. Will they be restored as well?

      Box: SG-4200

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @wgstarks
        last edited by johnpoz

        @wgstarks yes..

        Just look in your backup file, its just an xml - by default it would keep the ssh but you can uncheck that

        backup.jpg

        And your certs are there - notice the one being used for my webgui, and then later in the xml is that cert

        certs.jpg

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        wgstarksW 1 Reply Last reply Reply Quote 1
        • wgstarksW
          wgstarks @johnpoz
          last edited by

          @johnpoz
          Thanks. Now I know what term to search for. 👍

          Box: SG-4200

          johnpozJ 1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator @wgstarks
            last edited by johnpoz

            @wgstarks there was a also a thread not that long ago where someone was complaining their their cloned boxes, using standard config had the same ssh.. Assuming they could of just unchecked that box when creating their golden config ;)

            But I don't recall exactly when that option turned up about the ssh, might have been just recent like 23.09 or something..

            I have restored from config a few times when doing a clean install of new version and I don't recall being warned that ssh was different host, and for sure never lost any certs... I have lots of certs in my cert manager, both CA and signed certs and even a few external certs, etc.. Like acme..

            A backup that didn't contain your certs wouldn't be a very good backup ;)

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            NogBadTheBadN 1 Reply Last reply Reply Quote 0
            • NogBadTheBadN
              NogBadTheBad @johnpoz
              last edited by

              @johnpoz If ssh does complain about the ssh key cd to the .ssh folder and remove the known_hosts file.

              Andy

              1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.