So I currently use Acme within pFsense to create a Let’s Encrypt Cert. but the certificate is only good for 90 days
I’m confused as to whether I can use a Cloudflare generate certificate instead of Let’s Encrypt?
And of I can how do I “export” it for use in my pFsense router and export it as a pkcs#12 for use with my Emby server?
Are you referring to an origin certificate? If so, then you can, but it will only be good between Cloudflare and your pfSense./ origin. If you try and access the host directly, then it will throw a certificate not valid error.
Thanks again for the reply - I actually have the ACME package on pFsense with Let’s Encrypt. The problem is that the automation doesn’t works so well (probably user error in part).
But the 3 months is really short. The main issue is not that the cert deeosn’t renew automatically in pFsense , but the cert also has to be transferred to Emby so that Emby can access a pksc#12 version of the cert. There are also “places” that the renewed certs have to be placed in the Synology NAS as well. By the time everything is done it seems pretty confusing —— just would be much easier if I had to do it once a year instead of 4 or 5.
I also made the mistake of doing individual certs for different applications (WebDav, synology access, Emby, etc etc). I guess I could have done a wildcard cert with Let’s Encrypt and that would have made things much easier
I find it much easier to generate the certificates where they need to be used, rather than moving them around. Mine are all configured to renew automatically every 60 days and only require intervention of I need to change something.
You will benefit most by getting your automation working with a visit to the Let’s Encrypt Community. Cloudflare Origin CA certificates are not going to be suitable for your use case.