Messages

Hint: you only need fingerprints if you want to feed your builds secure updates. You can also avoid fingerprints and adjust the pkg repo config accordingly.


Cheers,
Franco

I wanted to add how I effectively disabled the fingerprint check, since I for one was not able to follow Franco's suggestion immediately.

1. Add URL to content of e.g. sets-24.7.3-aarch64/packages-24.7.3-aarch64.tar as custom mirror under https://opnsense.example.com/ui/core/firmware#settings
2. Login to the shell of your OPNsense instance as root user
3.

Code Select Expand

vi /usr/local/etc/pkg/repos/OPNsense.conf
4. signature_type: "fingerprints"→ signature_type: "none"
5. Mind that the OPNsense.conf file would be overwritten any time you change it under https://opnsense.example.com/ui/core/firmware#settings

I can well imagine this is not the most clean way to disable signature verification.

Using the great info every one collected in this thread to setup fingerprints properly for my builds soon. Thanks for taking the time to share it everyone!