I've looked into making pfSense's Cert Manager our root certification authority (please let me know if this isn't efficient and if I should use Windows Server) and I'm trying to install device certificates to one of our printers, but it's requesting a .pfx file and pfSense can only output .crt and .key, so I tried using OpenSSL to create a .pfx file from those two earlier, and it installs fine, but the webpage for the printer says "ERR_Cert_Invalid", with Chrome complaining about weird gibberish and credentials that the certificate is giving, pretty much saying it expected something correct but the credentials are wrong or corrupted.
Am I doing this right? I love having pfSense as our root CA cause we don't have demanding applications that utilize a Windows Active Directory environment, but if I should use Windows Server instead, even...