Last Updated on August 6, 2022 by Thiago Crepaldi
If you recently upgraded to pfSense 2.5, you may have received notifications about some CA/Certificate entries close to expiring. The exact message would be something like “The following CA/Certificate entries are expiring: Certificate Authority: Acmecert: O=Let’s Encrypt, CN=Let’s Encrypt Authority X3, C=US”
The fix is quite simple, just visit System >> Cert Manager >> CAs and find the entry “Acmecert: O=Let’s Encrypt, CN=Let’s Encrypt Authority X3, C=US”. You should see a “Valid until” in yellow, with a near by date (less than 30 days, usually). Note also there is a “X3” in the CA name. Just click on Delete (trash bin icon) and confirm clicking on Ok.
This is safe to do because you must have another CA for Let’sEncrypt which contains “R3” in the name. Something like “Acmecert: O=Let’s Encrypt, CN=R3, C=US”
That is it, have fun!