"
Hey all,
I've been looking into setting up a signed cert for my OPNsense webGUI and I see that i'll require an FQDN. I have subdomain created with google domains but I don't want to open up the webGUI to the public internet permanently.
here is the info in the lets encrypt > validation section for IP address
does this mean that when i configure my subdomain to point to my router public IP, that a firewall rule will be created temporarily and then be removed?
im confused about the NOTE as well - where do the official IP addresses need to be configured locally?
I've been looking into setting up a signed cert for my OPNsense webGUI and I see that i'll require an FQDN. I have subdomain created with google domains but I don't want to open up the webGUI to the public internet permanently.
here is the info in the lets encrypt > validation section for IP address
Code Select
The FQDN's used in your certificate must currently point to one or more official IP addresses. Enter the all of these IP addresses here. OPNsense will automatically create a temporary port forward to allow the Let's Encrypt validation to succeed. This will lead to a short downtime of the service that is normally used with these IP addresses.
NOTE:This will ONLY work if the official IP addresses are LOCALLY configured on your OPNsense firewall.does this mean that when i configure my subdomain to point to my router public IP, that a firewall rule will be created temporarily and then be removed?
im confused about the NOTE as well - where do the official IP addresses need to be configured locally?
