In this tutorial, we will show you how to generate a CSR on pfSense.
Just follow the steps below:
Step 1: Create the CSR certificate
- Navigate to System > Cert Manager > Certificates tab and click + to expand the certificates options.
- Select the Create a certificate signing request method.
- Choose a friendly name for your certificate.
- Select the key size (2048 bits is the standard size)
- For the Digest Algorithm, choose SHA 256
- The certificate type must be Server Certificate
Step 2: Complete your information
Next, you need to fill in the fields with your contact information:
- C: Country: enter the two-letter code of the country where your company is registered. For example, US
- ST: State: enter the name of the state where your company is based. For example, New Mexico
- L: Location/City: enter the city where your company is located. For instance, Albuquerque
- O: Organization: indicate the official name of your company. For instance, YourCompany LLC
- OU: Organizational Unit: name the department in charge of the SSL certificate. For instance, IT
- Email Address: provide your email address
- CN: Common Name: enter the FQDN (fully-qualified domain name) of the website you want to secure. For example, yourdomain.com. If you want to order a Wildcard certificate, add an asterisk in front of your domain name. For example, *.yourdomain.com
Next, you can copy the newly generated CSR code including the —–BEGIN CERTIFICATE REQUEST—– and —–END CERTIFICATE REQUEST—– tags into a text editor of your choice. You’ll need it during the SSL application.
After your CA validates the CSR and issues the SSL certificate, you can proceed to the pfSense SSL installation instructions.