Messages

1

Development and Code Review / Re: CRON entry for WOL

« on: August 30, 2020, 11:46:54 am »

Thanks for the guidance, it is excactley what I was looking for. Wondering why this is not standard in opnsense.

Hint: don't use a hyphen "-" in the description, it won't let you safe the cron job.

2

20.1 Legacy Series / Re: LDAP / self signed certificate

« on: April 08, 2020, 12:08:40 pm »

Thank's for the comments which triggered that I had to learn a bit more about the Certificate Authority. I created one in OPNsense and created also a server certificate - both self signed. Then I exported the server certificate and imported it to the LDAP server. Now it works.

3

20.1 Legacy Series / Re: LDAP / self signed certificate

« on: April 07, 2020, 12:56:30 pm »

Try System, Trust, Certificates, Add

I already did this. When I configured LDAP I also imported manually the cerificate from the LDAP Server into OPNsense.

4

20.1 Legacy Series / LDAP / self signed certificate

« on: April 07, 2020, 08:22:15 am »

Hi,

Not sure if the following is a bug or a result of hardening.

I try to connect the OPNsense user authentication with an LDAP server and need to use a TLS connection since the OpenLDAP server does not provide the required fields with anonymous logon. I can reach the server but unfortunately the TLS connection does not connect since the LDAP server uses a self-signed certificate. The opnsense log shows:

opnsense: Could not startTLS on ldap connection [error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed (self signed certificate),Connect error]

I could not find a checkbox which allows to accept self signed certificates. Is there a work around (may be in the shell) to accept the certificate once to have it validated?

Thanks
  TMB