Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
Lets Encrypt Plugin SFTP upload issues
« previous
next »
Print
Pages: [
1
]
Author
Topic: Lets Encrypt Plugin SFTP upload issues (Read 2800 times)
mightyi
Newbie
Posts: 14
Karma: 0
Lets Encrypt Plugin SFTP upload issues
«
on:
January 07, 2021, 04:09:12 am »
I have recently migrated from Sophos XG to OPNSense for my home firewall - getting used to the interface and setup slowly!
I am intending to replace the secondary Ubuntu server I had in place to run dnsmasq and letsencrypt deployment duties with the OPNsense unit. I have managed to get the LetsEncrypt plugin installed and uploading to my desktop server via SFTP - but no matter what i do, it only ever attempts to upload the ca.pem file, no other certs/keys are every sttempted to upload. Has anyone else had this issue or am i missing something i need to do? I haven't seen any option to specify what to upload so can't understand why this doesn't work...
Logged
mightyi
Newbie
Posts: 14
Karma: 0
Re: Lets Encrypt Plugin SFTP upload issues
«
Reply #1 on:
January 08, 2021, 11:40:51 am »
Can anyone help me with this? I can't find any reason this would happen. The logs on the SFTP server show that it only ever attempts to upload the single file, so it's not an issue with access being refused.
Logged
bartjsmit
Hero Member
Posts: 2016
Karma: 194
Re: Lets Encrypt Plugin SFTP upload issues
«
Reply #2 on:
January 08, 2021, 12:51:31 pm »
You need a script to upload the certificate into OPNsense:
https://github.com/pluspol-interactive/opnsense-import-certificate
Bart...
Logged
mightyi
Newbie
Posts: 14
Karma: 0
Re: Lets Encrypt Plugin SFTP upload issues
«
Reply #3 on:
January 08, 2021, 12:57:33 pm »
Thanks for the script link Bart - however I'm not sure if you understand what i'm trying to do?
I have the Lets Encrypt plugin installed and configured on the OPNSense firewall to update the certificate directly, and then added the automation to upload the cert to the SFTP server (the desktop that needs it). the task is running correctly, but it only transfers the ca.pem via SFTP to the desktop - even though i can go on the OPNSense server and find the fullchain, key etc in the same directory?
Logged
bartjsmit
Hero Member
Posts: 2016
Karma: 194
Re: Lets Encrypt Plugin SFTP upload issues
«
Reply #4 on:
January 08, 2021, 01:57:03 pm »
Quote from: mightyi on January 08, 2021, 12:57:33 pm
Thanks for the script link Bart - however I'm not sure if you understand what i'm trying to do?
Sorry, I was wrongfooted
The full chain of the certificate does not change, and you can reconstruct it on the destination if you're able to get the most recent LE cert and private key from the firewall.
Bart...
Logged
mightyi
Newbie
Posts: 14
Karma: 0
Re: Lets Encrypt Plugin SFTP upload issues
«
Reply #5 on:
January 08, 2021, 03:22:52 pm »
no worries
Yes I could reconstruct the certificate on the destination server; however as the machine is a Windows 10 box I would have to run scripts as scheduled tasks. Does the plugin not upload the rest of the certs by design?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
Lets Encrypt Plugin SFTP upload issues
