OPNsense Forum

Archive => 23.1 Legacy Series => Topic started by: oldjoe on March 11, 2023, 04:57:58 AM

Title: Import trusted certificate via shell
Post by: oldjoe on March 11, 2023, 04:57:58 AM
Hi,

I have a centralized Let's Encrypt server that manages multiple domains and would like to keep that setup separate as it involves quite a bit of automation.

Preferably I would like to migrate my current StrongSwan VPN server (running in a VM) along with its domain certificate into my awesome OPNsense desktop appliance so I could retire that VPN VM.

Is there a way to import the 3 cert files (certs/server-cert.pem, cacerts/chain.pem, private/server-key.pem) via SCP/API; import them from my VM managing the certificates? And have that import set up on a schedule that would be available to the OPNsense IPsec VPN service in an automated fashion?

Thanks in advance!
Title: Re: Import trusted certificate via shell
Post by: bartjsmit on March 11, 2023, 10:24:25 AM
I wrote a script for that: https://github.com/bartsmit/distcerts
Title: Re: Import trusted certificate via shell
Post by: oldjoe on March 15, 2023, 01:22:53 AM
That is so awesome - Thanks a lot for sharing, bartjsmit! Will try it out.