User Tools

Site Tools


pfsense:certificates:create_a_server_certificate

PFSense - Certificates - Create a Server Certificate

A Server certificate (SSL certificates) is used to authenticate the identity of a server.


Create the Server Certificate

Navigate to System → Cert Manager.

  • Select the Certificates tab and create a Server Certificate by pressing the “+” button.

In Add/Sign a New Certificate:

  • Method: Create an Internal Certificate.
  • Descriptive Name: ShareWiz OpenVPN.

In Internal Certificate:

  • Certificate authority: ShareWiz OpenVPN CA.
  • Key Type: RSA.
  • Key length: 2048 bit.
  • Digest Algorithm: SHA 256.
  • Lifetime: 397. (1 year).
  • Common Name: ShareWiz - OpenVPN CA.
  • Country Code: JE.
  • State or Province: <blank>.
  • City: St. Helier.
  • Organization: ShareWiz.
  • Organizational Unit: <blank>.

In Certificate Attributes:

  • Certificate Type: Server Certificate.
  • Alternative Names: <blank>.

NOTE: Lifetime.

  • New TLS certificates will be limited to 398 days, a little over a year (13 months).
  • In a move that is meant to boost security, Apple, Google, and Mozilla reject publicly rooted digital certificates in their respective web browsers that expire more than 13 months (or 398 days) from their creation date.
  • To avoid unintended consequences, it is recommended that certificates be issued with a maximum validity of 397 days.

pfsense/certificates/create_a_server_certificate.txt · Last modified: 2022/08/18 08:02 by 185.198.243.242

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki