the stream

pfSense 2.3.3 released - with Let's Encrypt support

Alexander Bochmann Wednesday 22 of February, 2017
According to to the pfSense blog, pfSense 2.3.3 has been released a couple of days ago.

pfSense now has a acme package (also available for the previous release, 2.3.2p1), which can be found right at the top of the list under System -> Package Manager -> Available Packages.

When the package is installed, there's a new service available, Services -> Acme Certificates. Even though the pfSense wiki currently doesn't seem to have any documentation on this module, activation is relatively straightforward for everyone who has seen the Let's Encrypt workflow:

Create an account key with the Let's Encrypt production CA, create a certificate (I had to add a folder name for the webroot local folder verification method, the path is shown in the first example of the pfSense web UI), issue certificate. The certificate is then available in the SSL Certificate selection for the Web Configurator. The UI has options for auto-renewal and additional jobs to run on certificate updates - I'll see if those work in about 60 days ;)

(Admittedly, things are not quite self explaining for first time Let's Encrypt users... *cough*)

I only have a pfSense test system, so I don't have much of an idea about the other changes in this release.