Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Is it safe to delete the default CA for the WebUI once you have something else

    Scheduled Pinned Locked Moved webGUI
    3 Posts 2 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      M3PH
      last edited by

      First off sorry if I posted this in the wrong place

      I have finally gotten around to importing the root cert from my Windows Server 2012 R2 CA (for my local domain). I also I have the CA for my VPN gateway configured as well as the default one pfSense generates at install (at least, I think that's where it came from I don't remember creating it myself).

      I would like to know, now that I have two CA's that are trusted on my network configured is it safe to delete the default pfSense one? It has no certificates generated against it.

      Also, seeing as I am now using a SSL cert generated against my Win2k12 R2 CA to secure the connection to the UI can I delete the default cert pfSense generates for that purpose as well?

      Thanks in advance

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        There isn't a "default" CA for pfSense. The GUI uses a self-signed certificate (no CA) by default. If you put in your own CA and do not use a CA listed on pfSense for anything, you can delete it.

        You can also delete the default WebGUI certificate if you no longer use it.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • M
          M3PH
          last edited by

          Ok good to know. It's been a year since I did the initial setup of this thing so my memory of the defaults is a little foggy. The naming of the CA led me to believe it was a default config.

          Anyway, thanks for the reply.

          You can close this topic now

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.