Add Certificate Wizard Identifier and Type Options Certificate Options Certificate Options - Internal Certificate Certificate Options - Import Certificate Certificate Subject Options Extra Constraints Options Extra Constraints - Internal Certificate Import Certificate Options Confirm Options Edit Certificate Screen The Certificates widget on the Credentials > Certificates screen displays certificates added to SCALE, and allows you to add new certificates, or download, delete, or edit the name of an existing certificate.
Adding Certificates Importing a Certificate The Certificates screen widgets display information for certificates, certificate signing requests (CSRs), certificate authorities(CAs), and ACME DNS-authenticators configured on the system, and provide the ability to add new ones. TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface, but users can make custom certificates for authentication and validation while sharing data.
Adding Certificates By default, TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface, but users can import and create more certificates by clicking Add in the Certificates window.
Add CA Wizard Screens Identifier and Type Options Certificate Options Certificate Subject Options Extra Constraints Options Extra Constraints - Internal or Intermediate CA Import Certificate Confirm Options The Certificate Authorities widget on the Credentials > Certificates screen displays certificate authorities(CAs) added to SCALE, and allows you to add new CAs, or download, delete, or edit the name of an existing CA.
The download icon downloads the CA to your server.
The Certificate Authorities widget lets users set up a certificate authority (CA) that certifies the ownership of a public key by the named subject of the certificate.
To add a new CA:
First, add the name and select the type of CA. The Identifier and Type step lets users name the CA and choose whether to create a new CA or import an existing CA. Users can also select a predefined certificate extension from the Profiles drop-down list.
Add CSR Wizard Screens Identifier and Type Options Certificate Options Certificate Subject Settings Extra Constraints Settings Extra Constraints - Certificate Signing Request Type Import Certificate Signing Request Type Options Confirm Options The Certificates screen includes the Certificate Signing Requests widget that displays a list of certificate signing requires (CSRs) configured on the system.
Each CSR listed is a link that opens the Edit CA screen for the selected CSR.
The Certificate Signing Requests widget allows users configure the message(s) the system sends to a registration authority of the public key infrastructure to apply for a digital identity certificate.
To add a new CSR:
First enter the name and select the CSR type. The Identifier and Type step lets users name the certificate signing request (CSR) and choose whether to create a new CSR or import an existing CSR. Users can also select a predefined certificate extension from the Profiles drop-down list.
Adding a DNS Authenticator Adding an Authenticator with a Shell Script Automatic Certificate Management Environment (ACME) DNS authenticators allow users to automate certificate issuing and renewal. The user must verify ownership of the domain before TrueNAS allows certificate automation.
ACME DNS is an advanced feature intended for network administrators or AWS professionals. Misconfiguring ACME DNS can prevent you from accessing TrueNAS. The system requires an ACME DNS Authenticator and CSR to configure ACME certificate automation.
