Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Lets encrypt howto
« previous
next »
Print
Pages: [
1
]
Author
Topic: Lets encrypt howto (Read 9525 times)
ruggerio
Sr. Member
Posts: 295
Karma: 11
Lets encrypt howto
«
on:
July 18, 2018, 12:11:07 pm »
Hi,
I configured the letsencrypt-service on a forwarded webserver.
I could issue certificates without Problem, but how is the webserver aware of the new issued certifcates? Should i sync those certificates via rsync between opnsense and the webserver?
If the new issued certificates are not accessible from webserver, this will just drop certificate-errors
Thx
Roger
Logged
franco
Administrator
Hero Member
Posts: 17656
Karma: 1610
Re: Lets encrypt howto
«
Reply #1 on:
July 19, 2018, 12:33:40 am »
Hi Roger,
There is manual work involved here... unless you use haproxy acme-client integration and let the OPNsense handle the SSL connection for the internal servers and afterwards just redirect them.
Here's the original doc for the integration:
https://github.com/opnsense/plugins/pull/71
Cheers,
Franco
Logged
fraenki
Full Member
Posts: 175
Karma: 29
Re: Lets encrypt howto
«
Reply #2 on:
August 14, 2018, 04:30:05 pm »
I second that. Use HAProxy to do the SSL offloading and proxy requests to your webserver(s). This way OPNsense will do everything for you
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
Lets encrypt howto