OPNsense Forum

English Forums => Zenarmor (Sensei) => Topic started by: FullyBorked on March 26, 2023, 01:09:51 am

Title: ACME cert for TLS Block Page?
Post by: FullyBorked on March 26, 2023, 01:09:51 am

I enabled the feature Zenarmor > Configuration > Enable Block Notification Page for TLS encrypted connections (BETA).  It has the ability to download the CA cert, however I'm using ACME for my OPNsense instance, since the hostname name is the same any way to just use that cert?  Passing out a Root CA Cert to a bunch of devices esp. mobile is tough. 

Title: Re: ACME cert for TLS Block Page?
Post by: mb on March 27, 2023, 09:42:12 pm

Hi @FullyBorked,

Yes, we're shipping this capability with 1.13 (OPNsense UI only). You'll be able to import your own CA key/cert.

Would that be helpful?

Title: Re: ACME cert for TLS Block Page?
Post by: FullyBorked on March 27, 2023, 10:12:14 pm

Quote from: mb on March 27, 2023, 09:42:12 pm

Hi @FullyBorked,

Yes, we're shipping this capability with 1.13 (OPNsense UI only). You'll be able to import your own CA key/cert.

Would that be helpful?

Yes that would be very useful, keeping in mind ACME renews regularly would only be useful if it was automated on the Zenarmor side.