Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Export letsencrypt certificates from config.conf to servers in the LAN

    Cache/Proxy
    1
    1
    655
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      michaelschefczyk last edited by

      Dear All,

      There seems to be an increasing number of web applications which can be run behind HAProxy but which would need to know details about the current certificate in use.

      One example is the Synapse/Matrix online chat, Voice over IP and Videotelephony server. Look up "load balancer" in the matrix faq, if you would like to learn details: https://matrix.org/docs/guides/faq.html

      For such aims, it would be great if one could alternatively (a) export certs from pfSense's config.conf right after they were generated, e. g. via a script invoked by the Acme Certificates service to send certificate and key by scp, rsync and the like plus trigger an update script on the destination server or (b) generate the certificates on the lan, implant them to config.conf and restart HAProxy.

      This is beyond the current/advanced thinking of generating certificates on the pfSense server outside config.conf like here: https://forum.pfsense.org/index.php?topic=107161.0 Seperate certificates will not easily be available to HAProxy, I think. Some of what is required would be rather close to OpenVPN Client Export.

      Does anyone know how to achieve this?

      Regards,

      Michael Schefczyk

      1 Reply Last reply Reply Quote 0
      • First post
        Last post