Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Has anyone heard of this?

    Scheduled Pinned Locked Moved pfSense Packages
    6 Posts 3 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      aaronouthier
      last edited by

      I just came across a site called letsencrypt.org. It offers free trusted SSL certificates. I was skeptical at first, but I checked it out and it seems legit. The certs are trusted by most browsers, due to the CA signing them. This would be great if it worked with pfSense in general. Especially useful for folks who want to use Squid proxy, etc.

      1 Reply Last reply Reply Quote 0
      • T Offline
        tymanthius
        last edited by

        I've used it, and it worked. Then I got lazy w/ having to renew every X days and didn't care.

        Now my work is wiggin' out b/c I'm hitting https ports on my home server & no certs.

        1 Reply Last reply Reply Quote 0
        • A Offline
          aaronouthier
          last edited by

          I don't suppose the renewal could be automated?

          BTW, forgot to mention, I put this in plugins forum, because I suspect this would be better suited for implementation as a plugin. It occurs to me now, this might be intended for existing plugins.

          @Moderator: feel free to move this.

          1 Reply Last reply Reply Quote 0
          • KOMK Offline
            KOM
            last edited by

            https://forum.pfsense.org/index.php?topic=101186.0

            1 Reply Last reply Reply Quote 0
            • A Offline
              aaronouthier
              last edited by

              Thanks KOM! One might think I'd have learned by now to search before posting. If so, one would be mistaken…

              In my defense, I was up 30 minutes earlier than usual today. I blame it on this. That's my story, and I'm sticking to it.

              1 Reply Last reply Reply Quote 0
              • KOMK Offline
                KOM
                last edited by

                No problemo.  If I remember right, the entire point of Let's Encrypt was to have an automated system that would renew your cert regularly without user intervention.  They supply software that does all of this for you.  There was talk about a FreeBSD port, but I don't know the current status.  Ad then after that, someone would have to create a pfSense package to integrate it into the system.  For now, it's just easier to use the pfSense self-signed cert if required, and get your own real certs for your web server and mail server behind pfSense.  They're pretty cheap.  if I can afford one, anyone can.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.