Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
XMLRPC sync and HTTPS
« previous
next »
Print
Pages: [
1
]
Author
Topic: XMLRPC sync and HTTPS (Read 5669 times)
Tsuroerusu
Newbie
Posts: 9
Karma: 0
XMLRPC sync and HTTPS
«
on:
July 26, 2017, 08:17:12 pm »
I am configuring two OPNsense systems in a high availability setup with CARP, pfSync, XMLRPC etc. for full redundancy. I have also installed my own self-signed certificates for the WebGUI.
When configuring things I noticed something that I am rather curious about. On screen in the sync settings it mentions to specify the full URL for the secondary firewall, and it gives an HTTP
S
sample URL. That got me to wonder, does XMLRPC ignore any certificate validation when sync the configuration or does it fail if it cannot validate the certificate of the other machine?
Logged
AdSchellevis
Administrator
Hero Member
Posts: 907
Karma: 184
Re: XMLRPC sync and HTTPS
«
Reply #1 on:
July 27, 2017, 07:01:07 am »
Yes, it does ignore the certificate for xmlrpc. When properly configured, carp/hasync should be attached by a single crosslink cable, which makes it quite hard to intercept, but an option to validate the certificate might be a good idea to add. You could add an issue on GitHub for it.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
XMLRPC sync and HTTPS