Plans for integrating Let's Encrypt on PSA?

Dennis · ‎09-06-2018

Hi,

I would like to ask if there are any Plans to integrate https://letsencrypt.org/ on Pulse Connect Secure Appliance with GUI Support and automatic certificate generation and renewal? What be pretty awesome.

I just saw that on a Synology NAS perfectly integrated into the GUI and was very surprised how good they worked it out.

regards,

Dennis

AXIANS IT Security GmbH

Zod · ‎11-19-2018

You can use the certificate issued by the lets encrypt CA, but the process followed by the lets encrypt site is not possible in the PCS appliances.

You can create a CSR request in the device and provide it to the CA. Post signing it, you can load the certificate in the device.

"KB29002 - Creating and Installing a New or Replacement Device Certificate"
"https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB29002/?q"

kita · ‎11-20-2018

Hello Dennis,

Thank you for the feedback. I was not aware of the following website, but taking a deeper look how it works is a very good idea.

We can provide this feedback to our product marketing team.

ramyan · ‎08-30-2019

Bonjour team,

Any update on that matter?

Ramyan

zanyterp · ‎08-30-2019

as others have mentioned, that is not something that can be done at this time. i would recommend reaching out to your account team to let them know this is something you think would be beneficial and they can work with the product team on an enhancement request

minow · ‎04-18-2021

can you please share relevant content on how i can do it through API ?

for example how to manage certificate on the PSA thoguh API and all the "Lets encrypt" will be done on external server

thanks

alexlist · ‎07-14-2022

Hi,

just stumbled across this thread.

Please don't just send us through account managers. These are valuable suggestions to improve your product and integrate it with industry standard best practice tooling.

Not having an API that can be scripted eg. with Ansible, not supporting Let's Encrypt are missing features that will make the product less and less suitable for Enterprise.

Please talk to your Product Management team, while I will definitely drop a line via our account managers as well.

Relevant links:

https://community.pulsesecure.net/t5/Pulse-Connect-Secure/Pulse-Connect-Secure-with-ansible/m-p/4132...

https://letsencrypt.org/

alexlist · ‎07-14-2022

After some research, it turns out there *is* a REST API.

https://help.ivanti.com/ps/legacy/PPS/9.1Rx/9.1R4/ps-pcs-pps-9.1r4-rest-api-solutions-guide.pdf

So it should be possible to create some glue code between Ansible / Letsencrypt and PCS

zanyterp · ‎07-14-2022

hi @alexlist,

i apologize that the referral to the account team was not clear to acknowledging that this is a good idea. unfortunately, they are the group through which the product team is made aware of items that customers would like to see.

zanyterp · ‎07-14-2022

yes, we do have a REST API; what i am not sure about, though, is if that will work as it appears, that the let's encrypt service requires an agent on the web server that gets the certificate and we do not have that on the pcs. if i misunderstood this when i checked, i apologize

Plans for integrating Let's Encrypt on PSA?

Plans for integrating Let's Encrypt on PSA?

Re: Plans for integrating Let's Encrypt on PSA?

Re: Plans for integrating Let's Encrypt on PSA?

Re: Plans for integrating Let's Encrypt on PSA?

Re: Plans for integrating Let's Encrypt on PSA?

Re: Plans for integrating Let's Encrypt on PSA?

Re: Plans for integrating Let's Encrypt on PSA?

Re: Plans for integrating Let's Encrypt on PSA?

Re: Plans for integrating Let's Encrypt on PSA?

Re: Plans for integrating Let's Encrypt on PSA?