CertBot / Let's Encrypt
I need to enable one node to be able to verify my SSL certificates when I create them,
so I was wondering if there was no easier way, like a pfSense package that would allow cert validation without disabling front ends manually.
We have an ACME package that the firewall can use to issue/renew Let's Encrypt certificates for use by the firewall and services running on the firewall.
If that is not what you are after you are going to have to be a lot more detailed in your request.
What "node"? What "front ends" are you talking about disabling?
Well, I have 3 Apache servers behind a pfSense box.
I disable the load balancing on two frontends.
I certbot on the remaining frontend.
Once the cert is validated, I modify my Apache config on that machine.
Then I re-enable the two other frontends.
There is a replication going on for Apache settings and cert files, so the other two front ends get updated automatically.
The problem is that I have to go on the pfSense admin to disable 2 frontends in the load balancer, and if I am not there, my users cannot add new certificates for their applications.
Is it called ACME or is it a generic ACME term?
What "load balancer"? Is it relayd or haproxy?
If it is relayd - there is no hope, it cannot be done with ACME/Let's Encrypt.
If you use HAProxy, it can be integrated with ACME/Let's Encrypt, there are many threads for this already.