Hi,
how can I add my trusted certificates so I can backup directly to my Nextcloud?
Regards
Hi muchacha_grande,
You mean add it to certificate store on your OPNsense box,
Have a look at the next wiki page https://wiki.opnsense.org/manual/how-tos/self-signed-chain.html#a-chain-for-your-local-nextcloud-server
It is exactly described how you should add it to the store ;)
Greetings mark
Thank you qinohe, I already did this, but the certificate won't survive an update. The certificate store is restored and my certificate is lost and I have to add it again after the update.
Your welcome, but, read the entire topic more observant and you will discover that is also written there. ;)
It may come to you as an unwanted surprise your certificate is removed after you got an upgrade for ca-root-nss, though, this is logical. Your self-signed certs. are not signed by a 'trusted party' like Let's Encrypt and thus 'removed'. In fact it's not removed but the whole file is replaced with a new one and you need to append yours to that file.... hope that makes sense to you.
If you wish here's a script for you to make it simpler (maybe) to add it to the store. Change it to your situation of course
#!/bin/sh
chmod 400 /home/admin/bin/data/nextcloud.crt
cat /home/admin/bin/data/nextcloud.crt >> /usr/local/share/certs/ca-root-nss.crt
cksum /usr/local/share/certs/ca-root-nss.crt > /home/admin/sum.txt
chmod 000 /home/admin/bin/data/nextcloud.crt
exit 0
Greetings mark
What the OP wants has been added to 19.1.7.
Cheers,
Franco
I see, means I myself can stop using these scripts ;D
Yesterday I noticed they were in 'etc/ssl/cert.pem' , though, I completely disregarded it.
Greetings mark
It was a sneaky feature release, I'm sorry. :)
Cheers,
Franco
Al least, don't be sorry ;) that would be conservative thinking and in my opinion that's not for you since you're the dev. Progress always has two faces, but I'm always happy with the new innovations, even if things change for me :P
Thanks
Greetings mark