Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HA Proxy Client Cert Setup

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 2 Posters 327 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vito
      last edited by

      We are trying to configure the use of a client cert for some (if not all) sites
      But are not having any luck. Is there a good step by step somewhere?
      I don't have what has been configured ATM as we had to set our settings back from testing.

      Any help/tips with the ACL, Actions, settings would be greatly appreciated!

      (We are using DEV)

      dragoangelD 1 Reply Last reply Reply Quote 0
      • dragoangelD
        dragoangel @vito
        last edited by dragoangel

        @vito hi,
        There already a gui block special for user certs, did you tried enable it for one of your frontends?
        If this not enough you can configure custom settings for frontend for user certificate validation usind native haproxy syntax. Good to have in bookmarks: https://cbonte.github.io/haproxy-dconv/ and read what you need. Please use devel package due another one is too old. I even say that devel package is old, waiting for 2.5.x stable with haproxy 2.0 ✌

        Latest stable pfSense on 2x XG-7100 and 1x Intel Xeon Server, running mutiWAN, he.net IPv6, pfBlockerNG-devel, HAProxy-devel, Syslog-ng, Zabbix-agent, OpenVPN, IPsec site-to-site, DNS-over-TLS...
        Unifi AP-AC-LR with EAP RADIUS, US-24

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.