Step-CA: Run as a systemd service

Create /etc/systemd/system/step-ca.service Fill it with this, make sure your directories are correct in the ExecStart line: [Unit] Description=step-ca After=syslog.target network.target [Service] User=step Group=step ExecStart=/bin/sh -c '/bin/step-ca /home/step/.step/config/ca.json --password-file=/home/step/.step/pwd >> /var/log/step-ca/output.log 2>&1' Type=simple Restart=on-failure RestartSec=10 [Install] WantedBy=multi-user.target Next, populate the pwd file with the plaintext intermediate CA password. I put mine in /home/step/.step/pwd Next, configure the
Read More »

OpenSSL CA: make a certificate signing request work on Arch Linux

#edit /etc/ssl/openssl.cnf Find [ ca ] and make sure this matches: #################################################################### [ ca ] default_ca      = CA_default #default ca section #################################################################### [ CA_default ] dir             = /etc/ssl              # Where everything is kept certs           = $dir/certs            # Where the issued certs are kept crl_dir         = $dir/crl              # Where the issued crl are kept database        =
Read More »

PFsense 2.6.0: Fix pf-att bypass mode

As of Writing this (2/17/22), there is a bug in the latest version of pfSense with the Intel if_em.ko driver. This is causing the pf-att script to not work. Thanks to the work of neydah700 on github, the fix was found by replacing the kernel driver with a newly compiled binary that has the issue
Read More »