pfSense

This fix will be in 2.4 and 2.3.4 snapshots shortly. To apply the fix early, or to apply the fix to existing 2.3.3-p1 systems, follow these steps:

• Install the System Patches package ( https://doc.pfsense.org/index.php/System_Patches )
• Add a new patch under System > Patches
• Give it a Description such as "certsanfix"
• Enter the appropriate URL/Commit ID for the firewall version:
  • 2.4 snapshots: a636256cf9a7e27cf5d26c7677d0b7961e0fb143
  • 2.3.4 snapshots: cad0d5bc8da8034c4fa7f41e5476a80b0c38b04f
  • 2.3.3-RELEASE-p1: c1a42e25a35b16821eaf88418c449741d1638c00

• Set Path Strip Count to 2 (this should be set automatically on save, but do it anyhow just in case)
• Click Save
• Click Fetch on the patch entry in the list
• Click Apply on the patch entry in the list
• Open a console or shell prompt, enter option 8 for the shell
• Run the following command::

    pfSsh.php playback generateguicert

The firewall will generate and activate a fresh GUI certificate.

Connect to the GUI with a browser to test.

Would be probably good to show the SANs in the Cert. Manager (in place/in addition to CN) -- somehow doesn't seem to be the case (at least looking at the certs produced by ACME package.)

Likely better handled with a separate ticket though.

That's on my to-do list as well, I was thinking a "view certificate" icon/operation may be more useful, to print all of the properties in the certificate.

Hello!
Certificates work fine for Chrome 58 if you add CN also in 'Alternative Names' -> 'FQDN or Hostname'.