Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Pages: 1 [2]

Author Topic: HTTPS and LAN infrastructure equipment with certificates  (Read 2622 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 10281
  • Retd s/w dev; A&A; 3x7km lines; Firebrick; IPv6
Re: HTTPS and LAN infrastructure equipment with certificates
« Reply #15 on: January 25, 2020, 05:51:10 PM »

> The way I handle the issue, is I have my own local CA, that CA is trusted in my certificate store.

I immediately thought about this, but I have zero clue as to how to achieve such an excellent thing.
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 10281
  • Retd s/w dev; A&A; 3x7km lines; Firebrick; IPv6
Re: HTTPS and LAN infrastructure equipment with certificates
« Reply #16 on: February 02, 2020, 12:59:57 AM »

Is that a nightmare to do ? I have seen hellish how-to guides which are very longwinded and presume that youíre running a web server, which Iím not (not unless I have to ?). I would just like a script or a C program; some code that _just works_ and I simply run it.

If I set up my own CA what would be the requirements to go with it? One raspberry pi hopefully. How would I get my systems to trust the associated top-level certs ?
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 6671
Re: HTTPS and LAN infrastructure equipment with certificates
« Reply #17 on: February 02, 2020, 10:48:59 PM »

On pfsense, its basically a mini wizard, if even that, all done in a gui.  You only need to make the CA once, then you make each certificate based on that CA.  Its something that if you have never done before, might seem scary, but once you know how to do it, its easy and quick.

In a CLI its not particularly difficult either, and arguably easier if you have a script to automate it.  Just that CLI has a higher learning curve.

I remember watching a video revk made demonstrating automated signed certificates on firebrick's, on youtube somewhere, so that would perhaps solve your firebrick issue as I think its a built in feature on it.
Logged
AAISP - Billion 8800NL bridge & PFSense BOX running PFSense 2.4 - ECI Cab - LINE STATISTICS CLICK HERE

Alex Atkin UK

  • Kitizen
  • ****
  • Posts: 3158
    • Thinkbroadband Quality Monitors
Re: HTTPS and LAN infrastructure equipment with certificates
« Reply #18 on: February 03, 2020, 02:06:12 AM »

Is there where you have to add a certificate to your browser to make it a trusted CA?
Logged
INTAKE (ECI) Home Hub 5A (OpenWRT) on Zen, Hauwei B353-232 on Libera 4G, Hauwei CPE Pro 2 H122-373 on Three 5G Router: pfSense (i5-7200U) WiFi: Zyxel NWA210AX + Ubiquiti nanoHD (OpenWRT)
My Broadband History & Ping Quality Monitors

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 6671
Re: HTTPS and LAN infrastructure equipment with certificates
« Reply #19 on: February 03, 2020, 04:09:33 AM »

https://knowledge.digicert.com/solution/SO10668.html

bit harder in firefox.

https://support.mozilla.org/en-US/kb/setting-certificate-authorities-firefox

but this is only done once for the CA not for each individual certificate.
Logged
AAISP - Billion 8800NL bridge & PFSense BOX running PFSense 2.4 - ECI Cab - LINE STATISTICS CLICK HERE
Pages: 1 [2]