Import TLS certificates into TrueNAS

3min

This section explains how to import the TrueNAS TLS certificate, TrueNAS private key, and CA certificates into TrueNAS through the web interface.
Before importing, you must export the client private key from the PKCS #12 file by using OpenSSL. Perform the following tasks:
1 | Extract the client private key from the PKCS #12 file
1
Open a terminal application that has OpenSSL installed.
2
Go to the directory with the PKCS #12 file.
3
Run the following OpenSSL command to extract the clear client private key from the PKCS #12 file and save it to a new PEM file:
Text
$ openssl pkcs12 -in pki.p12 -out client-key.pem -nodes -nocerts
$ openssl pkcs12 -in pki.p12 -out client-key.pem -nodes -nocerts
﻿
The command prompts for the import password. Enter the password contained in the pki-password.txt file.
2 |Import the CA certificate
1
Log in to the TrueNAS web interface.
2
Go to System > CAs and select [ Add ].
3
In the Type drop-down menu, select Import CA.
4
Enter a name for the CA, then paste the CA certificates from the ca-chain.pem file into the Certificate field.
5
Leave the Private Key and Passphrase fields empty and select [ Submit ].
3 | Import the TrueNAS certificate
1
Log in to the TrueNAS web interface.
2
Go to System > Certificates and select [ Add ].
3
In the Type drop-down menu, select Import Certificate.
4
Enter a name for the certificate, and paste the TrueNAS certificate (client-cert.pem) and private key (client-key.pem) into the appropriate fields.
5
Leave the Passphrase field empty and select [ Submit ].
﻿

Updated 11 Dec 2024

Did this page help you?

Deploy new client endpoint on the CryptoHub

Configure KMIP in TrueNAS