OPNsense 20.1 released with TLS certificate creation and more

The most important highlights of this update include elliptic curve TLS certificate creation, IPsec public-key authentication, and loopback and VXLAN device support.

The latest update to OPNsense, known as Keen Kingfisher, strives to take your firewall experience to the next level with the help of various improvements, software updates, and documentation changes.

In case you have never dipped your toes in the open-source firewall world, it is highly likely that you wouldn’t have heard of OPNsense. Well, this makes the perfect opportunity to briefly introduce this software to all of our readers out there.


Powered by HardenedBSD, this software can help satisfy all of your firewall and routing needs, even though it is free. All thanks to its HardenedBSD security, secure firmware updates, multi-language support, and 2-Clause BSD licensing, a significant number of people prefer using OPNsense instead of other expensive commercial firewalls available.

Now that you know a thing or two about OPNsense let’s have a look at what its latest update has to bring to the table.

What’s New in OPNsense 20.1

Keen Kingfisher is a minor update to OPNsense, and thus, you would expect it to be almost the same as the last version. However, this is not the case with OPNsense 20.1, as there have been plenty of changes with this release in both its code and documentation.

The most important highlights of this update include elliptic curve TLS certificate creation, IPsec public-key authentication, and loopback and VXLAN device support. Other noteworthy enhancements include CARP service demotion hook and captive portal performance upgrades. Apart from that, there has also been work done on improving the firmware health audit checks.

With OPNsense 20.1, several 3rd party software has also received updates. When you update to Keen Kingfisher, you’re going to find the following updated packages: jQuery 3.4.1, Python 3.7, LibreSSL 3.0, OpenSSL 1.1.1, and Google Backup API 2.4.

Other than that, the code has also gone through a major overhaul with this update. In addition to the adoption of the PSR 12 coding style, the logging frontend has also been made to comply with the MVC standards that allow seamless API support.

Even with all these significant changes, there was still one thing left that needed some improvement, and it was none other than the documentation itself. Now, users will find the OPNsense documentation to be more precise and more detailed. Moreover, there has also been the addition of a new menu layout to organize the information further. You can check out the official documentation page of OPNsense here.

For people owning older hardware, there’s good news as OPNsense has not yet started considering i386 systems to be obsolete.


If you want added security without spending a ton of cash, you should consider opting for OPNsense. So, if you’ve made up your mind about getting it, clicking this link should take you to the download page. Lastly, we recommend checking out the official news source to learn more about OPNsense 20.1.

Related Articles


Please enter your comment!
Please enter your name here


Latest Articles


How to set up and login as root user in MySQL

A root account is a superuser account that offers a wide array of privileges throughout the databases of MySQL. By default, the initial password for the root account is ‘empty/blank,’ thus allowing access to the MySQL server as root to anyone.


More Articles Like This