Import OPNsense

Import from OPNsense (UCM v2.50)

Version: 2.142

Overview

UCM can import certificates and CAs directly from OPNsense firewalls.

Prerequisites

OPNsense API key and secret
Network access to OPNsense (typically port 443)
Admin permissions in UCM

Configuration

Get OPNsense API Credentials
- Login to OPNsense
- System → Access → Users
- Edit your user → API Keys
- Generate new key
- Save key and secret
Configure in UCM
- Navigate to Operations page
- OPNsense Import section
- Enter:
  - Host: https://opnsense.example.com
  - API Key: your-key
  - API Secret: your-secret
Test Connection
- Click "Test Connection"
- Should show: ✅ Connected to OPNsense

Import Process

Navigate to Import
- Operations → Import from OPNsense
Select Items
- ☑ Root CAs
- ☑ Intermediate CAs
- ☑ Certificates
- ☑ Include private keys (if available)
Import
- Click "Start Import"
- Progress shown for each item
- Summary displayed

What Gets Imported

Certificate Authorities (Root, Intermediate)
Server certificates
Client certificates
Private keys (if exported from OPNsense)
Certificate chains

Limitations

OPNsense must have export enabled
Some data may not be preserved (custom extensions)
Requires manual configuration of OCSP/CRL URLs

See Troubleshooting for import issues.

Import OPNsense

Import from OPNsense (UCM v2.50)

Overview

Prerequisites

Configuration

Import Process

What Gets Imported

Limitations

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!