{"id":605,"date":"2019-04-23T20:37:06","date_gmt":"2019-04-24T01:37:06","guid":{"rendered":"http:\/\/zewwy.ca\/?p=605"},"modified":"2019-04-23T20:37:06","modified_gmt":"2019-04-24T01:37:06","slug":"exporting-opnsense-haproxy-lets-encrypt-certificates","status":"publish","type":"post","link":"https:\/\/zewwy.ca\/index.php\/2019\/04\/23\/exporting-opnsense-haproxy-lets-encrypt-certificates\/","title":{"rendered":"Exporting OPNsense HAProxy Let’s Encrypt Certificates"},"content":{"rendered":"

You know… in case you need it for the backend service… or a front end IDS inspection… whatever suits your needs for the export.<\/p>\n

Step 1) Locate the Key and certificate, use the ACME logs!<\/p>\n

cat \/var\/log\/acme.sh.log | grep “Your cert”<\/p>\n

*No that is not a variable for your cert, actually use the line as is<\/p>\n

Step 2) Identify your Certificate and Key<\/p>\n

Step 3) run the openssl command to create your file:<\/p>\n

openssl <\/span>pkcs12<\/span> <\/span>–<\/span>export<\/span> <\/span>–<\/span>out <\/span>certificate<\/span>.pfx<\/span> <\/span>–<\/span>inkey <\/span>privateKey<\/span>.key<\/span> <\/span>–<\/span>in<\/span> <\/span>certificate<\/span>.crt<\/span><\/p>\n

\"\"<\/a><\/p>\n

Step 4) use WinSCP to copy your files to your workstation<\/p>\n

*Note use SFTP when connecting to OPNsense, for some reason SCP just no worky<\/p>\n","protected":false},"excerpt":{"rendered":"

You know… in case you need it for the backend service… or a front end IDS inspection… whatever suits your needs for the export. Step 1) Locate the Key and certificate, use the ACME logs! cat \/var\/log\/acme.sh.log | grep “Your cert” *No that is not a variable for your cert, actually use the line as … <\/p>\n

Continue reading “Exporting OPNsense HAProxy Let’s Encrypt Certificates”<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"sfsi_plus_gutenberg_text_before_share":"","sfsi_plus_gutenberg_show_text_before_share":"","sfsi_plus_gutenberg_icon_type":"","sfsi_plus_gutenberg_icon_alignemt":"","sfsi_plus_gutenburg_max_per_row":"","footnotes":""},"categories":[4,6,8],"tags":[188,189],"class_list":["post-605","post","type-post","status-publish","format-standard","hentry","category-infosec","category-networking","category-server-administration","tag-certificate","tag-export"],"_links":{"self":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/605","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/comments?post=605"}],"version-history":[{"count":1,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/605\/revisions"}],"predecessor-version":[{"id":606,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/posts\/605\/revisions\/606"}],"wp:attachment":[{"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/media?parent=605"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/categories?post=605"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zewwy.ca\/index.php\/wp-json\/wp\/v2\/tags?post=605"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}