Hi,
I configured the letsencrypt-service on a forwarded webserver.
I could issue certificates without problem, but how is the webserver aware of the newly issued certificates? Should I sync those certificates via rsync between opnsense and the webserver?
If the newly issued certificates are not accessible from the webserver, this will just drop certificate errors.
Thx
Roger
Hi Roger,
There is manual work involved here... unless you use haproxy acme-client integration and let the OPNsense handle the SSL connection for the internal servers and afterwards just redirect them.
Here's the original doc for the integration:
https://github.com/opnsense/plugins/pull/71
Cheers,
Franco
I second that. Use HAProxy to do the SSL offloading and proxy requests to your webserver(s). This way OPNsense will do everything for you :)