Using pfsense to sign private wildcard SSL certificates

Wed, 17 Jan 2018 15:17:57 +0000

pfsense is a wonderful router appliance BSD distro that I’ve enjoyed for some years now.

I use the pfsense certificate manager to issue certs for my VPN client devices. For my Internet-facing life, I have legit SSL certs for everything, I’ve a neurosis about it. But it’s bothered me that for my LAN servers, I’ve continued to use Self-Signed certs for interfaces. Today I fix that.

Here are my notes on how to create and sign a wild-card SSL cert using pfsense for internal use. Note that this approach means you will make your own certificate authority which then must have its root cert installed on any machine you want to use your own certs.

Dear Diary: GoDaddy Error Code 6007

Fri, 07 Apr 2017 09:36:01 +0000

I’ve been working out a tolerable dynamic DNS solution for myself lately. After much effort, I’ve settled on running my own bind server (I last did this like 12 years ago, hah). I’ve written simple scripts that handle it for me and they work fine. However, I found for many of my domains hosted by GoDaddy, I couldn’t get it to use my new nameservers. Godaddy would let me switch my nameservers, but then they’d revert to their previous settings and I’d get an email containing the helpful message:

.Ca on

Using pfsense to sign private wildcard SSL certificates

Dear Diary: GoDaddy Error Code 6007