Get all certificates from a pfSense/OPNsense config file backup to look for possible CRL issues caused by duplicated certificate serial numbers. Supports encrypted XML files from pfSense (v2.4.4-Release-p3 and earlier) and OPNsense (19.7.4).
LICENSE Initial commit 2019-07-20 17:57:49 +02:00
ListadoPfsUsuarios.ps1 Add files via upload 2021-01-18 02:14:37 +01:00
pfSenseCertViewer.ps1 Correction of spelling errors. 2019-09-13 18:47:27 +02:00
README-es.md Update README-es.md 2019-09-13 11:20:20 +02:00
README.md Update README.md 2019-09-13 11:18:51 +02:00
result-example.md Update result-example.md 2019-08-22 21:07:57 +02:00

pfSense/OPNsense Certificate Viewer

PowerShell script: pfSense/OPNsense Certificate Viewer

pfSense sometimes creates certificates with duplicated serial numbers under the same root CA. A CRL identifies revoked certificates by serial number, so if one of these certificates is revoked and it is in use by OpenVPN, more certificates end up revoked than intended. This tool finds those duplicated serial numbers in an unencrypted pfSense XML config backup.

CA roots, server certificates and user certificates will also be displayed.
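The duplicate-serial check described above, as an added Python sketch (not the project's PowerShell script). It assumes that certificates are top-level `<cert>` elements with `<descr>`, `<caref>` and `<crt>` children and that `<crt>` holds the PEM text base64-encoded again; the sample certificates are constructed DER stubs carrying only a version and a serial.

```python
import base64
import xml.etree.ElementTree as ET
from collections import defaultdict

def _tlv(buf, pos):
    """Read one DER TLV at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def cert_serial(der):
    """Serial number of an X.509 certificate given as DER bytes."""
    _, pos, _ = _tlv(der, 0)               # Certificate SEQUENCE
    _, pos, _ = _tlv(der, pos)             # tbsCertificate SEQUENCE
    tag, start, end = _tlv(der, pos)
    if tag == 0xA0:                        # optional [0] version field, skip it
        tag, start, end = _tlv(der, end)
    if tag != 0x02:
        raise ValueError("serialNumber INTEGER not found")
    return int.from_bytes(der[start:end], "big")

def pem_to_der(b64_pem):
    """Undo the outer base64 (assumed config layout), then the PEM armor."""
    pem = base64.b64decode(b64_pem).decode()
    body = "".join(l for l in pem.splitlines() if l and not l.startswith("-----"))
    return base64.b64decode(body)

def duplicate_serials(config_xml):
    """Map (caref, serial) -> [descr, ...] for serials issued more than once by a CA."""
    seen = defaultdict(list)
    for cert in ET.fromstring(config_xml).findall("cert"):   # top-level certs only
        caref = cert.findtext("caref")
        if caref:                          # skip certs with no issuing CA in the config
            serial = cert_serial(pem_to_der(cert.findtext("crt")))
            seen[(caref, serial)].append(cert.findtext("descr"))
    return {k: v for k, v in seen.items() if len(v) > 1}

def _sample_cert(descr, caref, serial):
    """Constructed stub (serial < 128): version + serial only, not a real certificate."""
    der = bytes([0x30, 10, 0x30, 8, 0xA0, 3, 2, 1, 2, 0x02, 1, serial])
    pem = "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n" % base64.b64encode(der).decode()
    crt = base64.b64encode(pem.encode()).decode()
    return f"<cert><descr>{descr}</descr><caref>{caref}</caref><crt>{crt}</crt></cert>"

SAMPLE = "<pfsense>%s</pfsense>" % "".join(_sample_cert(*c) for c in [
    ("alice", "ca1", 2), ("bob", "ca1", 2), ("carol", "ca1", 3), ("dave", "ca2", 2)])
if __name__ == "__main__":
    print(duplicate_serials(SAMPLE))
```

Serials are grouped per `caref` because a serial only has to be unique within one issuing CA, so the same number under a different CA is not reported.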

2019/07/21: New feature: Now it also shows the CRL(s) in which the cert appears.

2019/09/11: New feature: Encrypted XML config files are supported. Decrypting the XML files requires a path to openssl.exe. By default the script looks for it in the OpenVPN bin folder.

2019/09/13 (last change): New feature: Also supports OPNsense backups (both encrypted and unencrypted).

Thanks to pippin for showing me the links to the documented pfSense issue:

https://redmine.pfsense.org/issues/3694

https://forum.netgate.com/topic/69978/generated-certificates-with-non-unique-serial-numbers/2