Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
Imported Trust Authorities
« previous
next »
Print
Pages: [
1
]
Author
Topic: Imported Trust Authorities (Read 1763 times)
ole
Jr. Member
Posts: 72
Karma: 1
Imported Trust Authorities
«
on:
June 11, 2020, 09:01:49 pm »
Hi,
can I use (or even is it supported) an external Security token like the Nitrokey Start with PGP keys with the Trust/Authorities? I would assume I have to use 'Import an exsisting Certificate Authority' but the question rise how to enter the pass phrase for the private key than. The Nitro Key must be probably placed on the OPNsense box I would assume.
Thanks in advance
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: Imported Trust Authorities
«
Reply #1 on:
June 12, 2020, 08:29:54 am »
Hi ole,
PGP keys have nothing to do with TLS/SSL certificate chains, i.e. intermediate and root certificates provided under "trust authorities".
Cheers,
Franco
Logged
ole
Jr. Member
Posts: 72
Karma: 1
Re: Imported Trust Authorities
«
Reply #2 on:
June 12, 2020, 06:15:24 pm »
thanks for your answer. Probably my question was missleading. I did consider using something described here:
https://raymii.org/s/articles/Get_Started_With_The_Nitrokey_HSM.html
or
https://raymii.org/s/articles/Nitrokey_Start_Getting_started_guide.html
, using the smartcard capability of Nitrokey (Start) - not the PGP signing one. There is a Certificate/Signing private key on this 2nd factor. I fear, the private Key(s) can be hacked e.g. if something is misconfigured on OPNsense by me once a day.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
Imported Trust Authorities
