@unraveller349
Ah, ok.
When you ask for a certicate, like pfsense.abc.net, you have to do this first :
fefe3484-e51f-4ba4-a5b8-abcc744f42a7-image.png
Btw :
You've set this :
c051c25c-7adf-4f4d-8df0-250ad459a25f-image.png
?
If a new certificate was obtained, the webconfigurator has to be restarted so it will use the new certificate. That's what the 'action' is for.
In your browser, you should from now on using
https://pfsense.abc.net
because the browser will first resolve 'pfsense.abc.net", it will obtain the pfSense LAN IP.
Did you check that ?
nslookup pfsense.abc.net
returns 192.168.1.1 ? (or whatever your pfSense LAN IP is).
Then it connects to 192.168.1.1, using port 443 (because of https).
The web server, pfSense GUI, will send a certificate over that says : I'm am "pfsense.abc.net" and because the browser was looking for "pfsense.abc.net" everything is fine.
If you were using https://192.168.1.1 then the test will fail.
Because "192.168.1.1" isn't part of the name (SAN) of the certificate.