In this tutorial, we will show you how to install an SSL certificate on pfSense. If you’ve already generated a CSR code for your certificate, skip the first section and continue with the SSL installation steps. Part three of the tutorial brings you interesting facts about the pfSense history, while part four includes useful tips on where to buy the best SSL Certificate for pfSense.
Generate a CSR code on pfSense
CSR (Certificate Signing Request) is a block of encoded text with your personal information. You need to generate it and submit it to your Certificate Authority during the SSL application process. Along with the CSR, you will also create your private key.
- Navigate to System > Cert Manager > Certificates tab and click + to expand the certificates options.
- Select the Create a certificate signing request method.
- Choose a friendly name for your certificate.
- Select the key size (2048 bits is the standard size)
- To the Digest Algorithm, choose SHA 256
- The certificate type must be Server Certificate
- Next, you need to fill in the fields with your contact information:
- C: Country: enter the two-letter code of the country where your company is registered. For example, US
- ST: State: enter the name of the state where your company is based. For example, New Mexico
- L: Location/City: enter the city where your company is located. For instance, Albuquerque
- O: Organization: indicate the official name of your company. For instance, YourCompany LLC
- OU: Organizational Unit: name the department in charge of the SSL certificate. For instance, IT
- Email Address: provide your email address
- CN: Common Name: enter the FQDN (fully-qualified domain name) of the website you want to secure. For example, yourdomain.com. If you want to order a Wildcard certificate, add an asterisk in front of your domain name. For example, *.yourdomain.com
Next, you can copy the newly generated CSR code including the —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—– tags into a text editor of your choice. You’ll need it during the SSL application.
Install an SSL certificate on pfSense
After you’ve successfully applied for your SSL Certificate and received all the necessary certificate files from the CA, it’s time to install them on pfSense. First, you need to import the root and intermediate certificates. They usually are delivered in a combined CA Bundle file.
Install the root and intermediate certs
- Navigate to System > Cert Manager then open the CAs tab. Click the + icon at the bottom right of the list.
- From the Method drop-down list, select Import an existing Certificate Authority.
- Paste the certificate in Certificate Data and click Save
Install the primary certificate (if you’ve generated the CSR on pfSense)
- Navigate to System > Cert Manager > Certificates tab.
- If you’ve generated your CSR in pfSense, a corresponding line should be available in the list. Click the edit icon. Paste your certificate in the box and click Save.
Install the primary certificate with the private key
If you’ve generated the CSR via an external tool, follow the steps below:
- Go to System > Cert Manager, then to the Certificates tab. Click the + icon at the bottom right of the list.
- Select Import an existing Certificate. Paste the unencrypted private key and the certificate, then click Save.
Test your installation
After you install an SSL Certificate on Webmin, it’s highly recommended to test your SSL installation for potential vulnerabilities. Use one of these advanced SSL tools to scan your website and get instant SSL reports.
pfSense is an open-source firewall/router computer software distribution based on FreeBSD. It works on a physical computer or a virtual machine to create a dedicated firewall/router for a network. The pfSense was founded in 2004 as a fork of the m0n0wall project by Chris Buechler and Scott Ullrich. The first release was in 2006. The latest release dates back to June 2020. The name derives from the packet-filtering tool, PF, which software uses.
Where to buy the best SSL certificate for pfSense?
If you’re looking for a great shopping experience, then SSL Dragon is your best SSL seller. Our intuitive and user-friendly website will smoothly guide you through the entire range of SSL Certificates. All our products are issued by reputable Certificate Authorities and are compatible with pfSense. We offer the following SSL validation types:
- Domain Validation
- Business Validation
- Extended Validation
- Code Signing
- IP Address
Enjoy the lowest prices on the market, and dedicated customer support for any certificate you choose. And, if you’re struggling to find the perfect cert for your website, use our SSL Wizard and Advanced Certificate Filter tools to get a helping hand.
If you find any inaccuracies, or you have details to add to these SSL installation instructions, please feel free to send us your feedback at [email protected] Your input would be greatly appreciated! Thank you.