Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Client certificates (mTLS) in Caddy plugin
« previous
next »
Print
Pages: [
1
]
Author
Topic: Client certificates (mTLS) in Caddy plugin (Read 99 times)
nsky
Newbie
Posts: 1
Karma: 0
Client certificates (mTLS) in Caddy plugin
«
on:
November 05, 2024, 05:38:31 pm »
Hi,
am I right, that the Caddy reverse proxy plugin (
https://github.com/opnsense/plugins/tree/master/www/caddy
) currently has no possibility to configure TLS client certificates through the GUI?
If yes, my approach would be to add a custom config file since the generated Caddyfile imports anything from
Code:
[Select]
/usr/local/etc/caddy/caddy.d/*.conf
.
But for this, I need to know where OPNsense stores the generated CAs and certificates when using System --> Security to create them. Can someone tell me where they are stored? I need the file path to provide them in the Caddy config...
Thanks and best regards
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1619
Karma: 177
Re: Client certificates (mTLS) in Caddy plugin
«
Reply #1 on:
November 05, 2024, 06:01:49 pm »
https://github.com/opnsense/plugins/issues/4089
PRs welcome, all the framework is there. It should be very easy to add to the GUI.
There is a script that will automatically extract certificates from System - Trust for caddy here:
https://github.com/opnsense/plugins/blob/bb69d4653746320c0bf4363eb42f63906b5584e8/www/caddy/src/opnsense/scripts/OPNsense/Caddy/caddy_certs.php#L35
It runs automatically when caddy reloads or starts so the certs are all there.
«
Last Edit: November 05, 2024, 06:10:44 pm by Monviech
»
Logged
Hardware:
DEC740
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Client certificates (mTLS) in Caddy plugin