Thank you, MJ,
It looks like questions asked here are replied selectively.
At least out of 4 questions that I asked only this one was finally "noticed" 
after the resend šŸ˜‰
I wouldn't bother the list with my questions if the procedure is well 
documented and works.
The existing documentation mentions only this:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
"Upon PacketFence installation, self-signed certificates will be created in 
/usr/local/pf/conf/ssl (server.key and server.crt). Those certificates can be 
replaced anytime by your 3rd-party or existing wild card certificate without 
problems. Please note that the CN (Common Name) needs to be the same as the one 
defined in the PacketFence configuration file (pf.conf)."
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

This is very confusing. We all know that CN in the wildcard certificate looks 
like this:
*.example.com
How would I make use of it with PF ?

If you refer me to Let's Encrypt certificates should I understand that I need 
to do it from www.sslforfree.com
And what's the correct procedure to install an SSL certificate to PF. Never saw 
it in the documentation.
I need it for a captive portal.

Eugene

-----Original Message-----
From: mj via PacketFence-users <packetfence-users@lists.sourceforge.net> 
Sent: Wednesday, November 11, 2020 1:38 AM
To: packetfence-users@lists.sourceforge.net
Cc: mj <li...@merit.unu.edu>
Subject: Re: [PacketFence-users] Wildcard SSL certificate installation on PF

Hi Eugene,

The list has always been alive, from where we are. :-)

Anyway: I would encourage you to take a look a Let's Encrypt certificates with 
packetfence. I think they are a bit more secure than a wildcard certificate, 
plus they are free and work very well.

(there are some threads on this mailinglist on that subject)

Good luck,
MJ

On 11/10/20 5:31 PM, E.P. via PacketFence-users wrote:
> Since this group suddenly became alive I dare asking my previous again 
> šŸ˜‰
> 
> How would I install a wildcard SSL certificate on PF, see more details 
> below
> 
> Eugene
> 
> *From:* E.P. <ype...@gmail.com>
> *Sent:* Saturday, October 31, 2020 2:43 PM
> *To:* packetfence-users@lists.sourceforge.net
> *Subject:* Wildcard SSL certificate installation on PF
> 
> Guys,
> 
> Iā€™m trying to overcome the issue with a self-signed SSL certificate 
> that PF offers to WiFi authentication via captive portal.
> 
> This a certificate that is in use by HTTPS sessions
> 
> Certificate/Key match
> 
> Chain is invalid
> 
> common_name
> 
> 127.0.0.1, emailAddress=supp...@inverse.ca 
> <mailto:emailAddress=supp...@inverse.ca>
> 
> issuer
> 
> C=CA, ST=QC, L=Montreal, O=Inverse, CN=127.0.0.1, 
> emailAddress=supp...@inverse.ca 
> <mailto:emailAddress=supp...@inverse.ca>
> 
> not_after
> 
> Oct 7 15:29:09 2021 GMT
> 
> not_before
> 
> Oct 7 15:29:09 2020 GMT
> 
> serial
> 
> A500DC03671C0E35
> 
> subject
> 
> C=CA, ST=QC, L=Montreal, O=Inverse, CN=127.0.0.1, 
> emailAddress=supp...@inverse.ca 
> <mailto:emailAddress=supp...@inverse.ca>
> 
> Is there any way to import and install a company wild card SSL 
> certificate into PF
> 
> Eugene
> 
> 
> 
> _______________________________________________
> PacketFence-users mailing list
> PacketFence-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
> 


_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users



_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to