If you are new to pfSense you probably recognized that you don’t get a secure connection to your Firewall out of the box. I show you step by step how to Generate an SSL Certificate for HTTPS on your pfSense firewall.
You want a secure connection to your firewall. We can achieve this with a few (more or less) simple steps. Let’s dive right in.
Please don’t mind that my Windows and Browser versions are in German, the locations of the buttons etc should be the same in English.
1. Login to your Firewall and go to System / Certificate Manager / CAa and click on Add
2. Fill in all the details according to your location like in my sample.
3. Go to System / Certificate Manager / Certificates - You will notice there is already a certificate existing. Thats the default cert that comes pre installed. We ignore this and click on Add.
4. Fill in the form like in my example. Pay attention to Common Name, this is the FQDN of your pfSense. For example: mypfsensefirewall.lan also make sure that you enter the same FQDN in the Alternative Names Field (Thanks to Rob for pointing that out!)
5. Now pay attention: Go BACK to System / Certificate Manager / CAs and export the CERTIFICATE AUTHORITY, not the WebConfigurator Cert we just created!
6. Open your Windows Certificate Root and import the downloaded pfsense-CA cert. You can Import by right clicking on a empty space on the right side and choose "New Task" or so and Import
7. Go back to your pfSense and go to System / Advanced / Admin Access and CHANGE the SSL certificate from the default one to our newly created one. Hit Save.
8. Now Google Chrome should automaticaly accept the Cert stored in the Windows Certificate Root. Firefox doesn't. If your Chrome doesn't do it, import it manually. Below the steps for Firefox.
9. After doing all this and restarting your browser you should be greeted with a green lock, ensuring a secure connection to your firewall. Remember to access your firewill via its FQDN and not the IP.
- Firewall Micro Appliance With 4x Gbe Intel Lan Ports for PFSense
- Firewall Micro Appliance with 2x Gbe Intel LAN Ports for PFSense Barebone
- Firewall micro appliance with 4x Gigabit Intel LAN Ports for pfSense with 4GB RAM / 16GB mSATA
- Firewall micro appliance with 2x Gigabit Intel LAN Ports for pfSense with 2GB RAM / 16GB mSATA