[HOW-TO] Setup Let's Encrypt for OPNSense Web GUI

If your OPNSense instance is exposed to the internet, then a valid SSL certificate is a must-have. And thanks to Let's Encrypt, the process of setting this up is really simple!

  1. Under System --> Firmware --> Plugins, find and install os-acme-client, then refresh page
  2. Under Services --> Let's Encrypt --> Settings, and check Enable Plugin, and hit Apply
  3. Accounts, click the Add New button, and fill in the form, using a valid email address, and save
  4. Under Validation Methods, add a new method. Give it a name, and set the interface (e.g. WAN)
  5. Under Certificates, click Add and fill out the form, with your fully-qualified domain name as the Common Name
  6. Then select the newly created certificate, and click Issue / Renew Certificate
  7. Under System --> Settings --> Administration, in the Web GUI section, under SSL Certificate, select your new certificate, then hit save