Acme, pfSense and easyDNS

So I’m not going to mention cheese, or getting soaked, both of which happened.

So this evening I’ve been having fun with the firewall. The challenge being to get a secure connection via an SSL certificate. As it’s only internal I’m certainly not going to pay for one. So found this ACME package that can be setup with ‘Let’s Encrypt’ which is a free CA. There is a handy YouTube video on how to set it up, it does have one flaw though in that it does the domain validation via a local HTTP server and as I have the ports blocked for remote access that wasn’t going to work. However, there was an option to use easyDNS for validation. First you have to sign up for the REST API, this is painless. Don’t bother with the sandbox. Go straight for the production and regenerate the global token, this will then give you the key. I went diving down into a secure shell and edited the damn script by hand. However if you add a new entry on the certificate rather than edit the default it then gives you the boxes to put the keys in. My method worked anyway, but tomorrow I may try and add the secondary domain to the certificate so will delete my edits and try the interface way instead.

Back to the cheese.