Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CertBot / Let'sencrypt

    Scheduled Pinned Locked Moved ACME
    4 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      phil123456
      last edited by

      Hi,

      I need to enable on node to be able to verify my SSL certificates when I create them
      so I was wondering if there was no easier way, like a pfsense package that would allow cert validation without disabling front ends manualy

      thanks

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        We have an ACME package that the firewall can use to issue/renew Let's Encrypt certificates for use by the firewall and services running on the firewall.

        If that is not what you are after you are going to have to be a lot more detailed in your request.

        What "node"? What "front ends" are you talking about disabling?

        Remember: Upvote with the πŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • P
          phil123456
          last edited by

          well I have 3 apache servers behind a pfsense box,

          so far

          I disable the loadbalancing on two frontends
          I certbot on the remaining frontend
          once the cert is validated, I modify my apache config on that machine
          Then I reenable the two other fronends
          there is a replication going on for apache settings and cert files so the other two front ends get updated automaticaly

          the problem is that I have to on on the pfsense admin to disable 2 frontends in the load balancer and if I am not there , my users cannot add new certificates for their applications

          is it call ACME or is it a generic ACME term ?

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            What "load balancer"? Is it relayd or haproxy?

            If it is relayd - there is no hope, it cannot be done with ACME/Let's Encrypt.

            If you use HAProxy, it can be integrated with ACME/Let's Encrypt, there are many threads for this already.

            Remember: Upvote with the πŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.