Quick & Easy Let’s Encrypt Setup on pfSense using ACME

There is a wonderful new capability in pfSense to use Let’s Encrypt to automatically and securely generate fully recognized TLS certificates.

This is a great thing because security is important. Using self-signed certs is annoying at best. You still completely control your private key when using ACME via services such as Let’s Encrypt, so there is no security downside to using it.

How to use Let’s Encrypt on pfSense

Under System / Package Manager / Available Packages you should find a package called acme. Click the install button and allow it to complete.

Once installed you should find Acme Certificates under the Services menu.

The first step is to create your account keys. Enter a name and select the production server if you want this to be live.
Click “Create new account key” to generate a key and insert it into the Account key box.
Finally, click the Register button and Save.

The next step is to create your certificate. Under Certificates click the Add button.
Enter the details such as the name.

In the table you will see I selected “standalone HTTP server” and in the options set the listen port to 8082. This is important because the ACME server needs to be able to reach this standalone HTTP server on port 80. We will accomplish this with a port forward rule in the next step.

Under Firewall / NAT / Port Forward create a new rule that forwards port 80 (HTTP) to your pfSense IP address, which is 192.168.1.1 by default, using the standalone server's listen port (8082 in this setup) as the redirect target port.
This allows the ACME server to communicate with your device to verify ownership.

Of course you can use other methods; I just found this to be the simplest option, assuming that you already have something running on port 80 like I do.

Now let’s go back to Acme Certificates and click the Issue/Renew button. If the domain name you used has correctly configured DNS, you should have a freshly minted certificate available for use under System / Cert. Manager.
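
What the standalone method does when you click Issue/Renew, as an added example (not code from the original post or from the pfSense acme package): the standalone server answers one well-known path with a key authorization (RFC 8555), and the CA fetches it over port 80. The account JWK, the token and the loopback listener are constructed stand-ins; on pfSense the listener is the one on port 8082 behind the port forward.

```python
import base64, hashlib, http.client, json, threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample values: not a real account key or challenge token.
ACCOUNT_JWK = {"kty": "RSA", "e": "AQAB", "n": "constructed-modulus-for-illustration"}
TOKEN = "constructed-token-0123456789"
CHALLENGE_PREFIX = "/.well-known/acme-challenge/"  # RFC 8555, section 8.3

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def jwk_thumbprint(jwk: dict) -> str:
    # RFC 7638: SHA-256 over the required RSA members, sorted, no whitespace.
    required = {k: jwk[k] for k in ("e", "kty", "n")}
    canonical = json.dumps(required, sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode()).digest())

def key_authorization(token: str, jwk: dict) -> str:
    # RFC 8555, section 8.1: token, a dot, then the account key thumbprint.
    return f"{token}.{jwk_thumbprint(jwk)}"

def make_handler(token: str, body: str):
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            # Only the exact challenge path is served; everything else is 404.
            found = self.path == CHALLENGE_PREFIX + token
            self.send_response(200 if found else 404)
            self.end_headers()
            if found:
                self.wfile.write(body.encode())
        def log_message(self, *args): pass  # keep the demo quiet
    return Handler

def fetch(port: int, path: str):
    # Plays the CA's validation request (no proxy, loopback only).
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", path)
    resp = conn.getresponse()
    return resp.status, resp.read().decode()

def run_http01(token: str, jwk: dict) -> bool:
    # The responder stands in for the standalone server behind the port forward.
    expected = key_authorization(token, jwk)
    with HTTPServer(("127.0.0.1", 0), make_handler(token, expected)) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        try:
            status, body = fetch(server.server_port, CHALLENGE_PREFIX + token)
            other, _ = fetch(server.server_port, "/")
            return status == 200 and body == expected and other == 404
        finally:
            server.shutdown()
```

The response body contains only the token and a hash of the account's public key, so no private key material crosses the port forward during validation.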

To use this new certificate for the pfSense webConfigurator as I do, go to System / Advanced / Admin Access and select your new certificate under the SSL Certificate drop-down menu.

Onward to TLS everywhere!

Importing from New Blogger to WordPress 2.1

I was not able to find a good solution for importing my Blogger entries to WordPress, and so made up my own. It works effectively as long as you only have 999 posts or fewer. 🙂

  1. In Blogger Settings->Formatting, in the “Show” field, enter your number of posts.
  2. Change the “Timestamp Format” to “Thursday, January 25, 2007”
  3. Go to the Template tab and choose “Edit HTML”. At the bottom you’ll find a “revert to Classic Template” link. Click it.
  4. Insert the following code into your template:
    <?xml version="1.0"?>
    <rss version="2.0">
    <channel>
    <title>arthur.wiebe</title>
    <Blogger><!-- Begin .post -->
    <item>
    <BlogItemTitle>
    <title><$BlogItemTitle$></title>
    </BlogItemTitle>
    <description>
    <$BlogItemBody$>
    </description>
    <pubDate><$BlogItemDateTime$></pubDate><!-- End .post -->
    </item>
    </Blogger>
    </channel>
    </rss>
  5. Go to your blog page and download the page HTML.
  6. Open the downloaded file in a plain text editor and remove all the code above the <?xml version="1.0"?> line.
  7. Go to wp-admin and choose RSS Import.
  8. Upload the file you downloaded and edited.

And you should have all your posts from Blogger!

It worked for me, it’s easy, and I hope it helps someone out there.