OPNsense, NethServer and Certificates

Salut Andy,

That easily convinced me to place the switch between OPNsense and the LOCAL LAN.
The capture image for the redirection is from NS but it will be almost the same except OPNsense can make a redirection in one rule for both TCP & UDP.

Webmail/Roundube & hiding server name

With a custom template, I am able to hide the server name.

# cat /etc/e-smith/templates-custom/etc/roundcubemail/config.inc.php/91CacherNomDuServeur

**$config['default_host'] = '127.0.0.1';

image

Let’s Encrypt & hiding other domain names:

There are 4 other domains hosted on NS 192.168.1.1.

When accessing any particular domain, I would like to to see only the Certificate and CNAME related to that domain only .

- With acme.sh, it is quite easy to have a Let’s Encrypt certificate for any LOCAL domain.
- I can write a script to transfer the certs or the complete cert-directory-domain-name into any folder of OPNsense throught ssh/key-connection.
- Maybe also add a custom-template to add a line to /sbin/e-smith/signal-event certificate-update to run that script ?

Question:
● How to activate them in OPNsense?
● Will that be enough ?

Mille mercis d’avance,

Michel-André

1 Like