Skip to content

Instantly share code, notes, and snippets.

@eightfivelabs

eightfivelabs/gist:eca2c5ec08b76944dc2d1f8cb4c95499

Last active October 26, 2019 18:48
Show Gist options
  • Save eightfivelabs/eca2c5ec08b76944dc2d1f8cb4c95499 to your computer and use it in GitHub Desktop.
Save eightfivelabs/eca2c5ec08b76944dc2d1f8cb4c95499 to your computer and use it in GitHub Desktop.
Download ZIP
Update SSL certificate on FreenNAS 11.2-U6
Raw
gistfile1.md

How to issue an SSL certificate for HTTPS on FreeNAS 11.2-U6

  • FreeNAS GUI > Services > Enable SSH
  • System > Certificates > Delete the existing expired certificate
  • Make sure that the domain you want to issue a certificate for via LetsEncrypt is in your DNS provider with an IP pointing to your machine and also make sure port forwarding to the FreeNAS box is enabled for port 80
  • Log into FreeNAS machine via SSH
  • Install certbot if not installed with pkg install py36-certbot
    • If you receive an error about the local repository, use nano to edit /usr/local/etc/pkg/repos/local.conf and set enabled: no and in /usr/local/etc/pkg/repos/FreeBSD.conf set enabled: yes
  • Stop the WebGUI running with service nginx stop and service django stop
  • Run certbot certonly --standalone and fill out the relevant information
  • The above command should create files in /usr/local/etc/letsencrypt/live/<domain>/
  • Restart the WebGUI with service nginx start and service django start
  • Go back to the FreeNAS GUI > System > Certificates > Add
  • Input an identifier name
  • Change type to Import Certificate
  • Copy the information from /usr/local/etc/letsencrypt/live/<domain>/fullchain.pem and paste it into the Certificate box
  • Copy the information from /usr/local/etc/letsencrypt/live/<domain>/privkey.pem and paste it into the Private Key box
  • Save
  • FreeNAS GUI > Services > Disable SSH
  • Restart FreeNAS if needed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment