Project

General

Profile

Actions
Copy link

Feature #10140

closed

allow to select webserver certificate

Added by Viktor Gurov over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
pfBlockerNG
Target version:
-
Start date:
12/31/2019
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

This feature allow user to select certificate for internal webserver of pfBlocker (lighttpd)
It saves the old /var/unbound/dnsbl_cert.pem file for backward compatibility (Default (auto) cert) and creates a new /var/unbound/dnsbl_web_cert.pem

On each 'update' it compares the fingerprint of cert from the config and cert from this file, and if it's different, updates the dnsbl_web_cert.pem file.
(maybe there is a more elegant way to verify that the certificate is changed)

https://github.com/pfsense/FreeBSD-ports/pull/736

Actions
Copy link
 #1

Updated by Jim Pingle over 4 years ago

  • Status changed from New to Pull Request Review
Actions
Copy link
 #2

Updated by Viktor Gurov over 4 years ago

  • Status changed from Pull Request Review to Closed

we discussed this with BBcan177 - this is unnecessary

I think this can be useful only if the company uses a special internal policy that allows only specific (int CA) certificates to be used in any software.

Actions
Copy link

Also available in: Atom PDF