Is it safe to delete the default CA for the WebUI once you have something else
-
First off sorry if I posted this in the wrong place
I have finally gotten around to importing the root cert from my Windows Server 2012 R2 CA (for my local domain). I also I have the CA for my VPN gateway configured as well as the default one pfSense generates at install (at least, I think that's where it came from I don't remember creating it myself).
I would like to know, now that I have two CA's that are trusted on my network configured is it safe to delete the default pfSense one? It has no certificates generated against it.
Also, seeing as I am now using a SSL cert generated against my Win2k12 R2 CA to secure the connection to the UI can I delete the default cert pfSense generates for that purpose as well?
Thanks in advance
-
There isn't a "default" CA for pfSense. The GUI uses a self-signed certificate (no CA) by default. If you put in your own CA and do not use a CA listed on pfSense for anything, you can delete it.
You can also delete the default WebGUI certificate if you no longer use it.
-
Ok good to know. It's been a year since I did the initial setup of this thing so my memory of the defaults is a little foggy. The naming of the CA led me to believe it was a default config.
Anyway, thanks for the reply.
You can close this topic now
