Hi Scott,
in fact is what i did once i realized that both webGUI and captive
portal were sharing the same certificate.
I only stated the posibility to do this automatically but it's 100%
understandable your PoV.
Thanks ;)
jonathan
PS: i'm writting a FAQ proposal as Bill told me about how to do it
manually ;)
Scott Ullrich wrote:
On 10/24/05, jonathan gonzalez <[EMAIL PROTECTED]> wrote:
Hi,
i would like to request the following feature (i'll do it on the cvstrac
if its cleary accepted here in order to not stain the cvstrac).
HTTPS web interface and HTTPS captive portal share the same certificate
and private key for the SSL layer.
This certificates are generated from the web interface thru the menu
System -> Advanced funcations -> webGUI SSL certificate/key.
Being the same certificate the two pair of boxes (certificate and key)
would be nice to be auto-completed automatically once the certificate is
generated in the Advanced funcions.
Why do it so?
The certificate and its private key can be generated using 'System ->
Advanced funcations -> webGUI SSL certificate/key'. The admin can decide
to put the webGUI in SSL or not, but if (s)he wants to enable Captive
Portal over SSL the certificate will be present and being populated in
the boxes.
Why mantain the boxes so?
If an admin (his/her company) is paying for SSL signing services with
verisign, thawte or other company (s)he can decide use a real
certificate in i.e. the captive portal boxes and a self-signed
certificate in the wegGUI of pfSense.
I think this changes can help so much the implementation of Captive
Portal because will enable the user/admin to only select how (s)he wants
the portal to be running (SSL or not) using a simple click. If (s)he has
bigger needs then (s)he can populate the certificate and key boxes with
real worldwide accepted certificates for the captive portal (and of
course for the webGUI interface).
I look forward to hearing from you abouth this theme.
Regards,
Have you tried copy and pasting the key from the advanced screen to
the captive portal configuration screen? I know this is not what your
looking for but it should work. At this point since we are syncing
against m0n0wall I would rather not change the captive portal code
unless we submit changes upstream to be included.
Scott
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
