
Become Your Own Certificate Authority (CA) with pfSense

Arcy Caparros
Nov 28, 2024

This guide will walk you through configuring certificate authority services in pfSense.

Using pfSense as a Certificate Authority (CA) allows you to issue and manage internal certificates for secure communication within your network. I am certain that you are annoyed by the “self-signed” banner when accessing your internal web applications over SSL/TLS.

So how do we fix this?

First, log in to your pfSense management interface. Then navigate to System -> Certificates -> Authorities.

Certificate Authorities

Click Add and enter the pertinent information.

As for the Lifetime (days) field: according to Chris Hickman’s article, many browsers and certificate authorities now adhere to a maximum lifespan of 398 days for publicly trusted certificates. This was driven by initiatives from Apple, Google, and Mozilla¹.

Even though this is for internal usage, instead of leaving the Lifetime (days) field as 3650, we will set it as 398…
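To confirm that certificates exported from pfSense actually respect the 398-day lifetime, the following added example (not part of the original article) audits the text printed by `openssl x509 -noout -subject -dates`. The host names and dates in the sample are constructed, and the function name `audit` is an assumption made for this illustration.

```python
from datetime import datetime, timedelta

MAX_LIFETIME_DAYS = 398  # lifetime limit cited in the article
FMT = "%b %d %H:%M:%S %Y GMT"  # date format printed by `openssl x509 -dates`

# Constructed sample: concatenated `openssl x509 -noout -subject -dates`
# output for two certificates (names and dates are made up).
SAMPLE = """\
subject=CN = internal-ca.example.lan
notBefore=Nov 28 00:00:00 2024 GMT
notAfter=Dec 31 00:00:00 2025 GMT
subject=CN = legacy-app.example.lan
notBefore=Nov 28 00:00:00 2024 GMT
notAfter=Nov 26 00:00:00 2034 GMT
"""


def audit(text, max_days=MAX_LIFETIME_DAYS):
    """Return (subject, lifetime_in_days, within_limit) per certificate.

    A record is complete once subject, notBefore and notAfter have all
    been seen, so the order in which openssl prints them does not matter.
    """
    findings, cur = [], {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep and key in ("subject", "notBefore", "notAfter"):
            cur[key] = value.strip()
        if len(cur) == 3:
            start = datetime.strptime(cur["notBefore"], FMT)
            end = datetime.strptime(cur["notAfter"], FMT)
            span = end - start
            # Compare the full timedelta so 398 days + 1 second fails.
            ok = span <= timedelta(days=max_days)
            findings.append((cur["subject"], span.days, ok))
            cur = {}
    return findings


if __name__ == "__main__":
    for subject, days, ok in audit(SAMPLE):
        status = "OK" if ok else "EXCEEDS LIMIT"
        print(f"{subject}: {days} days -> {status}")
```
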
