The Certificates widget on the Credentials > Certificates screen displays certificates added to SCALE, and allows you to add new certificates, or download, delete, or edit the name of an existing certificate. Each TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface.
The download icon downloads the certificate to your server.
delete deletes the certificate from your server.
Each certificate listed on the widget is a link that opens the **Edit Certificate screen.
TrueNAS can act as a certificate authority (CA). When encrypting SSL or TLS connections to the TrueNAS system, you can import an existing CA or create a CA and certificate on the TrueNAS system. The certificate appears on the dropdown menus for services that support SSL or TLS.
Go to System > CAs and click ADD. Enter a name for the CA, then choose the type from the Type dropdown list of three, Internal CA, Intermediate CA, or Import CA.
The Certificates screen widgets display information for certificates, certificate signing requests (CSRs), certificate authorities(CAs), and ACME DNS-authenticators configured on the system, and provide the ability to add new ones. TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface, but users can make custom certificates for authentication and validation while sharing data.
Adding Certificates By default, TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface, but users can import and create more certificates by clicking Add in the Certificates window.
By default, TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface.
You can either import or create a new certificate or signing request by navigating to System > Certificates and clicking ADD.
Adding Internal Certificates To add an internal certificate:
Enter the name for the certificate, then select Internal Certificate from the Type dropdown list.
Select an option from the Profiles dropdown list. A profile for the certificate auto-fills options like Key Type, Key Length, Digest Algorithm.
The Certificate Authorities widget on the Credentials > Certificates screen displays certificate authorities(CAs) added to SCALE, and allows you to add new CAs, or download, delete, or edit the name of an existing CA.
The download icon downloads the CA to your server.
delete deletes the CA from your server.
Each CA listed on the widget is a link that opens the Edit CA screen.
Add opens the Add CA wizard that steps you through setting up a certificate authority (CA) that certifies the ownership of a public key by the named subject of the certificate.
The Certificate Authorities widget lets users set up a certificate authority (CA) that certifies the ownership of a public key by the named subject of the certificate.
To add a new CA:
First, add the name and select the type of CA. The Identifier and Type step lets users name the CA and choose whether to create a new CA or import an existing CA. Users can also select a predefined certificate extension from the Profiles drop-down list.
The SCALE CLI guide is a work in progress! New namespace and command documentation is continually added and maintained, so check back here often to see what is new!
The Certificates screen includes the Certificate Signing Requests widget that displays a list of certificate signing requires (CSRs) configured on the system.
Each CSR listed is a link that opens the Edit CA screen for the selected CSR.
The download icon downloads the CSR to your server.
delete deletes the CSR from your server.
Each CSR listed on the widget is a link that opens the Edit CSR screen.
Add opens the Add CSR wizard that steps you through setting up a CSR that certifies the ownership of a public key by the named subject of the certificate.
The Certificate Signing Requests widget allows users configure the message(s) the system sends to a registration authority of the public key infrastructure to apply for a digital identity certificate.
To add a new CSR:
First enter the name and select the CSR type. The Identifier and Type step lets users name the certificate signing request (CSR) and choose whether to create a new CSR or import an existing CSR. Users can also select a predefined certificate extension from the Profiles drop-down list.
The Certificates screen includes the ACME DNS-Authenticators widget that displays a list of configured authenticators. The Automatic Certificate Management Environment (ACME) DNS-Authenticators screen allows users to automate certificate issuing and renewal. The user must verify ownership of the domain before TrueNAS allows certificate automation.
ACME DNS is an advanced feature intended for network administrators or AWS professionals. Misconfiguring ACME DNS can prevent you from accessing TrueNAS. Figure 1: ACME DNS-Authenticators Widget with No Authenticators Each authenticator listed is a link that opens the Edit ACME DNS-Authenticator screen for the selected authenticator.
TrueNAS CORE
TrueNAS Enterprise
TrueNAS SCALE
Compare Editions
TrueCommand
Software Status
FreeNAS
Compare Systems
F-Series
M-Series
X-Series
R-Series
Mini Series
Download TrueNAS CORE
Download TrueNAS SCALE
Get TrueNAS Enterprise
Where to Buy