Posts Tagged ‘SSL’

Let’s Encrypt plugin available for OPNsense

July 6th, 2017 No comments

A Let’s Encrypt plugin for OPNsense was released back in january. It enables you to configure Let’s Encrypt SSL certificates from within the OPNsense WebGUI:

Not only is it one of the most comfortable ways to get free SSL certificates, it also integrates nicely with the HAProxy plugin for OPNsense:

The Let’s Encrypt plugin will automatically extend the HAProxy configuration and it will even verify that nothing was deleted and adds missing configuration items for you.

Don’t want to use HTTP-01 validation? Not an issue! The plugin supports a large number of DNS providers and services:

Naturally all SSL certificates are automatically imported into OPNsense’s certificate manager and may be used in multiple plugins and applications.

The awesome OPNsense users helped to iron out a few bugs and the plugin is mature enough for use in production environments. Of course, the plugin follows OPNsense security principles: ACME challenges are handled by a dedicated web service – the OPNsene GUI is never exposed to the

Informationen aus CSR oder Certificate auslesen

May 14th, 2013 No comments

Um Informationen aus einem bereits vorhandenen Certificate Request (CSR) auszulesen, genügt folgendes OpenSSL Kommando:

openssl req -noout -text -in test.csr

Die Ausgabe enthält dann neben dem Public Key auch die bei der Erstellung eingegebenen Daten:

Version: 0 (0x0)
Subject: C=DE, ST=Bavaria, L=Munich, O=Example Inc., OU=IT,
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)

Das funktioniert bei einem SSL-Zertifikat natürlich ganz genauso:

openssl x509 -noout -text -in test.crt

Categories: [DE] Snippets Tags: , ,