The Certificates widget on the Credentials > Certificates screen shows certificates added to TrueNAS.

Import opens the Import Certificate screen.

The more_vert icon for a listed certificate shows a dropdown list of options: Download, Edit, and Delete. Each TrueNAS has an internal certificate that enables encrypted access to the web interface.

download Download downloads the certificate to the system. In Windows, this is the Downloads folder.

The Certificates screen shows information for certificates, certificate signing requests (CSRs), and ACME DNS-authenticators configured on the system, and provides the ability to import or edit them. TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface, but users can make custom certificates for authentication and validation while sharing data.

By default, TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface, but users can import and edit existing certificates.

The Certificate Signing Requests widget, on the Certificates screen, shows a list of certificate signing requests (CSRs) configured on the system. CSR.

The more_vert icon for a listed CSR shows a dropdown list of options: Create ACME Certificate, Download, Edit, and Delete.

The Certificate Signing Requests widget allows users to configure a message that the system sends to a registration authority of the public key infrastructure to apply for a digital identity certificate.

An ACME certificate is created based on the settings in the selected CSR.

The ACME DNS-Authenticators widget, on the Certificates screen, shows configured authenticators. Automatic Certificate Management Environment (ACME) DNS-Authenticators allow users to automate certificate issuing and renewal. The user must verify ownership of the domain before TrueNAS allows certificate automation.

ACME DNS is an advanced feature intended for network administrators or AWS professionals. Misconfiguring ACME DNS can prevent you from accessing TrueNAS.

The system requires an ACME DNS authenticator and CSR to configure ACME certificate automation.

Add opens the Add DNS-Authenticator screen.

Automatic Certificate Management Environment (ACME) DNS authenticators allow users to automate certificate issuing and renewal. The user must verify ownership of the domain before TrueNAS allows certificate automation.

ACME DNS is an advanced feature intended for network administrators or AWS professionals. Misconfiguring ACME DNS can prevent you from accessing TrueNAS.

The system requires an ACME DNS Authenticator and CSR to configure ACME certificate automation.

To add an authenticator,

Use the Credentials > Certificates screen to manage certificates, certificate signing requests (CSRs), and DNS authenticators with the Certificates, Certificate Signing Requests (CSRs), and ACME DNS-Authenticators widgets.

Each TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface, but users can import custom certificates for authentication and validation while sharing data.

The Certificates screen displays widgets for Certificates, Certificate Signing Requests (CSRs), and ACME DNS-Authenticators that each provice access to all the information for certificates, certificate signing requests (CSRs), and ACME DNS-authenticators respectively.

Each TrueNAS comes with an internal, self-signed certificate that enables encrypted access to the web interface, but users can make custom certificates for authentication and validation while sharing data.

TrueNAS allows users to automatically generate custom domain certificates using Let’s Encrypt.

• An email address for your TrueNAS admin user.
• A custom domain that uses Cloudflare, DigitalOcean, Amazon Route 53, or OVHcloud.
• A DNS server that does not cache for your TrueNAS system.

Go to Credentials > Certificates and click ADD in the ACME DNS-Authenticators widget.