Get a Quote     (408) 943-4100               TrueNAS Discord      VendOp_Icon_15x15px   Commercial Support Toggle between Light and Dark mode
TrueNAS.com Software Systems Company Community Security iX Portal Download

  1. Documentation Hub
  2. /
  3. TrueNAS SCALE
  4. /
  5. SCALE Tutorials
  6. /
  7. Credentials
  8. /
  9. Certificates
  10. /
  11. Setting Up Let's Encrypt Certificates
Edit this page

Setting Up Let's Encrypt Certificates

  2 minute read.

Last Modified 2022-12-12 13:57 -0500

TrueNAS SCALE allows users to automatically generate custom domain certificates using Let’s Encrypt.

Requirements

  • An email address for your TrueNAS SCALE Admin user.
  • A custom domain that uses either Cloudflare or AWS Route 53.
  • A DNS server that doesn’t cache for your TrueNAS SCALE system.

Create an ACME DNS-Authenticator

Go to Credentials > Certificates and click ADD in the ACME DNS-Authenticators widget.

LetsEncryptAcmeDNSAuthenticator

Enter the required fields depending on your provider, then click Save.

For Cloudflare, enter either your Cloudflare Email and API Key, or enter an API Token.

For Route53, enter your Access Key ID and Secret Access Key.

Create a Certificate Signing Request (CSR)

Next, click ADD in the Certificate Signing Requests widget.

You can use default settings except for the Common Name and Subject Alternate Names fields.

LetsEncryptCSR

Enter your primary domain name in the Common Name field, then enter additional domains you wish to secure in the Subject Alternate Names field.

For example, if your primary domain is domain1.com, entering www.domain1.com secures both addresses.

Create ACME Certificate

Click the icon next to the new CSR.

LetsEncryptACMECertificate

Fill out the ACME Certificate form. Under Domains, select the ACME DNS Authenticator you created for both domains, then click Save.

You can create testing and staging certificates for your domain.

Related Content