Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: 1 [2]

Author Topic: HTTPS and LAN infrastructure equipment with certificates  (Read 5534 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: HTTPS and LAN infrastructure equipment with certificates
« Reply #15 on: January 25, 2020, 05:51:10 PM »

> The way I handle the issue, is I have my own local CA, that CA is trusted in my certificate store.

I immediately thought about this, but I have zero clue as to how to achieve such an excellent thing.
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: HTTPS and LAN infrastructure equipment with certificates
« Reply #16 on: February 02, 2020, 12:59:57 AM »

Is that a nightmare to do ? I have seen hellish how-to guides which are very longwinded and presume that you’re running a web server, which I’m not (not unless I have to ?). I would just like a script or a C program; some code that _just works_ and I simply run it.

If I set up my own CA what would be the requirements to go with it? One raspberry pi hopefully. How would I get my systems to trust the associated top-level certs ?
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: HTTPS and LAN infrastructure equipment with certificates
« Reply #17 on: February 02, 2020, 10:48:59 PM »

On pfsense, its basically a mini wizard, if even that, all done in a gui.  You only need to make the CA once, then you make each certificate based on that CA.  Its something that if you have never done before, might seem scary, but once you know how to do it, its easy and quick.

In a CLI its not particularly difficult either, and arguably easier if you have a script to automate it.  Just that CLI has a higher learning curve.

I remember watching a video revk made demonstrating automated signed certificates on firebrick's, on youtube somewhere, so that would perhaps solve your firebrick issue as I think its a built in feature on it.
Logged

Alex Atkin UK

  • Addicted Kitizen
  • *****
  • Posts: 5260
    • Thinkbroadband Quality Monitors
Re: HTTPS and LAN infrastructure equipment with certificates
« Reply #18 on: February 03, 2020, 02:06:12 AM »

Is there where you have to add a certificate to your browser to make it a trusted CA?
Logged
Broadband: Zen Full Fibre 900 + Three 5G Routers: pfSense (Intel N100) + Huawei CPE Pro 2 H122-373 WiFi: Zyxel NWA210AX
Switches: Netgear MS510TXUP, Netgear MS510TXPP, Netgear GS110EMX My Broadband History & Ping Monitors

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: HTTPS and LAN infrastructure equipment with certificates
« Reply #19 on: February 03, 2020, 04:09:33 AM »

https://knowledge.digicert.com/solution/SO10668.html

bit harder in firefox.

https://support.mozilla.org/en-US/kb/setting-certificate-authorities-firefox

but this is only done once for the CA not for each individual certificate.
Logged
Pages: 1 [2]
 

anything