In January 2023 I made a certificate using CSR on my AD connected OPNsense for the WEB UI and it gives me https on my local Lan supplied by my local ADCS CA
The certificate will expire in January 2025 I want to replace it and after hours of trying different things I cannot do what I was able to do last year "make a certificate that gives https"
What has changed and where can I find it? My searching keeps bringing up let's encrypt
I simply want to replace my windows ADCS signed web UI.
Is this still an option with OPNsense?
Thanks in advance
System -> Settings -> Administration -> Web GUI -> SSL Certificate
and for making the cert:
System -> Trust -> Certificates
I haven't had a need to actually go through this process recently, so not sure if there are gaps....
This is how I ended up accomplishing this (There may be simpler ways)
Make sure AD is set up authentication and communicating
Add authorities
CA with certificate only
CA intermediate with certificate and key
Add base and delta CRL
Log in with user who has permission to enroll
Create internal certificate:
Server
Sub CA
add oscp url
all the other goodies
Create and add to opnsense
A tad more to it than last time
Head hurts, off to get a beer.