Author Topic: Renew Letsencrypt cert on server behind Opnsense router (haproxy w/ send_proxy)  (Read 1947 times)

abij

« on: February 05, 2019, 07:10:34 pm »
Hello,

My web server (only one server active when renewing cert) is behind an Opnsense router with haproxy. Haproxy was set up with "Option pass-through: Add send-proxy" under "Real Servers Tab". This is used for logging real IPs of those who visited my website. But when send_proxy is present as pass-through option, Letsencrypt cert (on the server, not Opnsense router) has difficulties renewing itself. It will show error "Type: connection Detail: Error getting validation data".

As soon as I turn off "Option pass-through: Add send-proxy", I can renew cert without problems. So this means, I cannot use crontab to auto renew certificate; rather, I have to turn send_proxy on and off whenever I have to renew a cert.

I was wondering if there is an automatic way of keeping send_proxy and renewal of Letsencrypt cert.

Thanks.
« Last Edit: February 05, 2019, 07:29:58 pm by abij »
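
An added example, not part of the original post: with send-proxy, HAProxy prepends a PROXY protocol v1 line to every backend connection, so a listener that does not expect it sees that line where the HTTP request line should be. The sketch assumes an HTTP-01 validation request on port 80 and a validation listener without PROXY support (the post states neither); the function names, addresses and token are hypothetical.

```python
import ipaddress

# Constructed sample: what the backend receives on port 80 when HAProxy uses
# send-proxy (PROXY protocol v1). Addresses and token are placeholders.
SAMPLE = (b"PROXY TCP4 203.0.113.7 192.0.2.10 51234 80\r\n"
          b"GET /.well-known/acme-challenge/TOKEN_PLACEHOLDER HTTP/1.1\r\n"
          b"Host: www.example.org\r\n\r\n")

METHODS = {b"GET", b"HEAD", b"POST", b"PUT", b"DELETE", b"OPTIONS"}


def http_request_line_ok(data: bytes) -> bool:
    """First check of a listener without PROXY support: METHOD SP target SP HTTP/x.y."""
    parts = data.split(b"\r\n", 1)[0].split(b" ")
    return len(parts) == 3 and parts[0] in METHODS and parts[2].startswith(b"HTTP/")


def split_proxy_v1(data: bytes):
    """Return (client_info or None, remaining_bytes); ValueError if malformed."""
    if not data.startswith(b"PROXY "):
        return None, data                      # no header: plain connection
    line, sep, rest = data.partition(b"\r\n")
    if not sep or len(line) + 2 > 107:         # v1 header is at most 107 bytes
        raise ValueError("unterminated or oversized PROXY v1 header")
    fields = line.decode("ascii").split(" ")
    if fields[1] == "UNKNOWN":                 # proxy could not describe the client
        return {"proto": "UNKNOWN"}, rest
    if len(fields) != 6 or fields[1] not in ("TCP4", "TCP6"):
        raise ValueError("malformed PROXY v1 header")
    proto, src, dst, sport, dport = fields[1:]
    want = 4 if proto == "TCP4" else 6
    if any(ipaddress.ip_address(a).version != want for a in (src, dst)):
        raise ValueError("address family does not match protocol field")
    ports = [int(sport), int(dport)]
    if any(not 0 <= p <= 65535 for p in ports):
        raise ValueError("port out of range")
    return {"proto": proto, "src": src, "src_port": ports[0],
            "dst": dst, "dst_port": ports[1]}, rest


if __name__ == "__main__":
    print("raw stream parses as HTTP:", http_request_line_ok(SAMPLE))
    info, rest = split_proxy_v1(SAMPLE)
    print("client from PROXY header:", info)
    print("after stripping header:  ", http_request_line_ok(rest))
```

A listener that does parse this header should accept it only on connections from the proxy's own address, since any client able to reach the port directly could otherwise claim an arbitrary source IP in the logs.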