Adding ACME DNS-Authenticators

Automatic Certificate Management Environment (ACME) DNS authenticators allow users to automate certificate issuing and renewal. The user must verify ownership of the domain before TrueNAS allows certificate automation. ACME DNS is an advanced feature intended for network administrators or AWS professionals. Misconfiguring ACME DNS can prevent you from accessing TrueNAS. The system requires an ACME DNS Authenticator and CSR to configure ACME certificate automation. Adding a DNS Authenticator To add an authenticator,

Certificates

Use the Credentials > Certificates screen Certificates, Certificate Signing Requests (CSRs), Certificate Authorities (CA), and ACME DNS-Authenticators widgets to manage certificates, certificate signing requests (CSRs), certificate authorities (CA), and ACME DNS-authenticators. Each TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface, but users can make custom certificates for authentication and validation while sharing data. Contents Managing Certificates: Provides information on adding or managing SCALE certificates.

Certificates

The Certificates screen displays widgets for Certificates, Certificate Signing Requests (CSRs), Certificate Authorities (CA), and ACME DNS-Authenticators that each provide access to all the information for certificates, certificate signing requests (CSRs), certificate authorities (CA), and ACME DNS-authenticators respectively. Each TrueNAS comes equipped with an internal, self-signed certificate that enables encrypted access to the web interface, but users can make custom certificates for authentication and validation while sharing data. Contents Certificates Screens: Provides information on the Certificates screens and settings.

Creating ACME Certificates

TrueNAS SCALE allows users to automatically generate custom domain certificates using Let’s Encrypt.
Requirements
An email address for your TrueNAS SCALE Admin user.
A custom domain that uses Cloudflare, AWS Route 53, or OVH.
A DNS server that does not cache for your TrueNAS SCALE system.
Create an ACME DNS-Authenticator
Go to Credentials > Certificates and click ADD in the ACME DNS-Authenticators widget. Enter the required fields depending on your provider, then click Save.

CAs

Identifier and Type
Setting | Description
Name | Descriptive identifier for this certificate authority.
Type | Select the CA type from the dropdown list of options. Select Internal CA for a certificate authority that functions like a publicly-trusted CA used to sign certificates for an internal network. This CA is not trusted outside the private network. Select Intermediate CA for a CA that lives between the root and end-entity certificates. Its main purpose is to define and authorize the types of certificates requested from the root CA.

Certificates

Identifier and Type
Name | Description
Name | Descriptive identifier for this certificate.
Type | Internal Certificate is used for internal or local systems. Certificate Signing Request is used to get a CA signature. Import Certificate allows an existing certificate to be imported onto the system. Import Certificate Signing Request allows an existing CSR to be imported onto the system.
Profiles | Predefined certificate extensions. Choose a profile that best matches your certificate usage scenario.

Configuring ACME DNS

This feature is only available in the open-source supported TrueNAS CORE. Automatic Certificate Management Environment (ACME) is available for automating certificate issuing and renewal. The user must verify ownership of the domain before certificate automation is allowed. ACME certificate automation requires an ACME DNS Authenticator and a Certificate Signing Request. Adding ACME DNS Authenticators Go to System > ACME DNS and click ADD. Name the authenticator. Leave Authenticator set to Route53.

ACME DNS

Automatic Certificate Management Environment (ACME) is available for automating certificate issuing and renewal.
Add DNS Authenticators
Name | Description
Name | Internal identifier for the authenticator.
Authenticator | DNS provider for the authenticator. Amazon Route 53 is the only supported DNS provider in TrueNAS CORE.
Access ID Key | Key generated by the Amazon Web Services account. See the AWS Access Key documentation for instructions to generate the key.
Secret Access Key | Key generated by the Amazon Web Services account.