Open stompro opened 7 months ago
Just a nudge to myself to figure this out.
LetsEncrypt issued new intermediate CAs on June 6th, which broke all my "pinned" manually loaded R3 Intermediate certificates in pfSense.
https://letsencrypt.org/2024/04/12/changes-to-issuance-chains.html
And funnily enough, that is one of their goals, to switch Intermediates more often to make it painful for those that don't handle changing intermediate certs automatically. They will be switching between 2 intermediate chains on each renewal, and switching to two different ones occasionally. I guess good job LetsEncrypt for breaking my current setup :-)
So this script needs to grab the intermediate from the chain.pem file and load that as a new CA on each update.
The script needs to be able to update/import the Letsencrypt CA, to support the Captive Portal better.