User certificates

Dispute · February 28, 2024, 01:37:10 AM

Hi all,

Currently I have the root user disabled.

I use a custom user to access my firewall.

If this users certificate expires, does this prevent me from accessing my firewall? Or is this certificate for the VPN only?

Thank you in advance.

bartjsmit · February 28, 2024, 08:14:33 AM

Out of the box there is just username and password for authentication. You can add TOTP or use RADIUS which may have other factors configured.

OpenVPN is one use for user certificates but they can have other purposes.

Bart...

Dispute · March 01, 2024, 03:30:08 AM

First, thank you for the reply!

So, logging into the OPNsense does not require a certificate then?

bartjsmit · March 01, 2024, 08:04:41 AM

Nope, if you want to use client certs as an authentication factor, you'd need to put a reverse proxy on the management network that is capable of it. Something like this: https://www.ssltrust.co.uk/help/setup-guides/client-certificate-authentication

Not a bad idea, just a bit baroque http://catb.org/jargon/html/B/baroque.html ;)

Bart...

Dispute · March 07, 2024, 02:47:22 AM

wow,

Much appreciated!

User certificates

Dispute

February 28, 2024, 01:37:10 AM

bartjsmit

February 28, 2024, 08:14:33 AM #1

Dispute

March 01, 2024, 03:30:08 AM #2

bartjsmit

March 01, 2024, 08:04:41 AM #3

Dispute

March 07, 2024, 02:47:22 AM #4