Hi,
I was thinking a way to get my home intranet service SSL certs automatically renewed. I don't like that all random stuff at home have self signed certs from some different dummy CA. I would like to make trust to OPNSense CA at home, and issue home certs from OPNSense.
But I don't want to do them manually. Is there an automated way for clients to ask for a new cert, and reinstall it when needed? Like what freeipa and certmonger does? Therr you define the cert in freeipa, and it keeps cert valid by automatically renewing it. Then clients use certmonger to keep the cert files updated, and services restarted when cert gets renewed.
Any similar method for OPNSense?