Web UI SSL without let's encrypt

Started by thorzeen, December 06, 2024, 12:25:18 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 06, 2024, 12:25:18 PM
In January 2023 I made a certificate using CSR on my AD connected OPNsense for the WEB UI and it gives me https on my local Lan supplied by my local ADCS CA
The certificate will expire in January 2025 I want to replace it and after hours of trying different things I cannot do what I was able to do last year "make a certificate that gives https"
What has changed and where can I find it? My searching keeps bringing up let's encrypt
I simply want to replace my windows ADCS signed web UI.
Is this still an option with OPNsense?
Thanks in advance
December 06, 2024, 12:42:32 PM #1
System -> Settings -> Administration -> Web GUI -> SSL Certificate

and for making the cert:

System -> Trust -> Certificates

I haven't had a need to actually go through this process recently, so not sure if there are gaps....
December 06, 2024, 09:32:27 PM #2
This is how I ended up accomplishing this (There may be simpler ways)
Make sure AD is set up authentication and communicating
Add authorities
CA with certificate only
CA intermediate with certificate and key
Add base and delta CRL
Log in with user who has permission to enroll
Create internal certificate:
Server
Sub CA
add oscp url
all the other goodies
Create and add to opnsense
A tad more to it than last time
Head hurts, off to get a beer.
Print
Go Up Pages1
User actions