You know… in case you need it for the backend service… or a front end IDS inspection… whatever suits your needs for the export.
Step 1) Locate the Key and certificate, use the ACME logs!
cat /var/log/acme.sh.log | grep “Your cert”
*No that is not a variable for your cert, actually use the line as is
Step 2) Identify your Certificate and Key
Step 3) run the openssl command to create your file:
openssl pkcs12 –export –out certificate.pfx –inkey privateKey.key –in certificate.crt
Step 4) use WinSCP to copy your files to your workstation
*Note use SFTP when connecting to OPNsense, for some reason SCP just no worky