Comodo SSL for pfsense webgui



  • Hello,

    I am using local cert created in pfsense. I want to buy and use Comodo ssl for pfsense (https in green). Do anyone knows how to do it?


  • Rebel Alliance Global Moderator

    Why... Just have your browser trust the CA that creates the cert you use in pfsense.

    Or use the acme client - there would be ZERO reason to buy a cert..



  • Using Comodo or another ssl certificate is not recommended?
    Which certificate will acme client use? Lets Encrypt? Is there a tutorial I can read how to use that?
    Why I want to use Comodo ssl, because I want to setup squid. And if one of the users at our company access blocked websites it will give a certificate error. I don't want to trust that self-signed ssl in each computer.


  • Rebel Alliance Global Moderator

    That cert has ZERO to do with your webgui cert..


  • Netgate

    You can use a comodo certificate for the web gui if you want to

    Use the certificate manager to create a CSR
    Submit the CSR to Comodo
    Import the certificate when you receive it
    Tell the webgui to use the certificate.

    But yeah, you can't use a "real" certificate for SSL MITM. You don't have the private key so you can't generate the spoofed certs on-the-fly. You have to deploy your own CA to all of your clients to do what you want to do.

    Moving thread to Packages > cache/proxy.