So, I'm after a bit of best practice here.
I have 5 names on my cert that the pfSense firewall gets issued. I'm just trying to figure out the best way to get them from my pfSense /conf/acme/name.pem folder to the servers that need them.
There are three ways I can think of.
pfSense exports as p12 (passworded) to a file share located on my network, each Linux box pulls them in and copies the files to where they need to be and restarts services.
pfSense scps the files to the servers that need them, and triggers a restart of each service on the servers.
scp /conf/acme/LiveCert.key [email protected]:/etc/cert/privkey.pem
scp /conf/acme/LiveCert.all.pem [email protected]:/etc/cert/fullchain.pem
Create a new user on pfSense, with access only to /conf/acme/, and have each Linux box scp the files off, then restart services.
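
As an added example (not part of the original post), the third option could run on each Linux box like this: it checks that the fetched key and certificate belong together, installs files only when they changed, and restarts the service once. The `certpull` account, the host name, systemd and the `nginx` service are assumptions; the file paths are the ones given in the post.

```shell
#!/bin/sh
# Added example, run on each Linux box (pull model). Assumed, not from the post:
# the "certpull" account, the firewall host name, systemd, and the nginx service.

# Succeeds only if the private key ($1) and leaf certificate ($2) share a public key.
key_matches_cert() {
    kpub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    cpub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$kpub" ] && [ "$kpub" = "$cpub" ]
}

# Installs $1 at $2 with mode $3. Returns 0 if replaced, 1 if unchanged, 2 on error.
# The file is written beside the target and renamed, so readers never see a partial file.
install_if_changed() {
    [ -f "$2" ] && cmp -s "$1" "$2" && return 1
    tmp="$2.new.$$"
    ( umask 077 && cp "$1" "$tmp" && chmod "$3" "$tmp" && mv -f "$tmp" "$2" ) ||
        { rm -f "$tmp"; return 2; }
}

# sync_certs REMOTE DEST_DIR SERVICE
sync_certs() {
    remote=$1 dest=$2 service=$3 changed=0
    stage=$(mktemp -d) || return 2
    scp -q "$remote:/conf/acme/LiveCert.key" "$stage/privkey.pem" &&
        scp -q "$remote:/conf/acme/LiveCert.all.pem" "$stage/fullchain.pem" ||
        { rm -rf "$stage"; return 2; }
    if ! key_matches_cert "$stage/privkey.pem" "$stage/fullchain.pem"; then
        echo "key and certificate do not match; keeping current files" >&2
        rm -rf "$stage"; return 2
    fi
    for f in privkey.pem:600 fullchain.pem:644; do
        install_if_changed "$stage/${f%:*}" "$dest/${f%:*}" "${f#*:}"
        case $? in
            0) changed=1 ;;
            2) rm -rf "$stage"; return 2 ;;
        esac
    done
    rm -rf "$stage"
    if [ "$changed" -eq 1 ]; then systemctl restart "$service"; fi
}

# e.g. from cron: sync.sh certpull@pfsense.example.internal /etc/cert nginx
if [ "$#" -eq 3 ]; then sync_certs "$@"; fi
```

Because the private key only ever travels when a Linux box asks for it, the firewall needs no credentials for the servers; the pull account on the firewall can be limited to reading /conf/acme/.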