fw1 and fw2 let's encrypt certificates not syncing



  • I configured both fw1 and fw2 with the acme service for certificates and later, set up certificates on fw1. Someone guide on how to configure fw2 to fetch cerificates from fw1 or how set up fw1 for the sync to work


  • LAYER 8 Moderator

    Do it even easier:

    Run acme package on FW1 (I assume it's a CARP cluster with syncing?) and let it create a certificate for both names (fw1.xxx AND fw2.xxx). When it's done, select the cert for the webui. Then login to FW2 and select it, too, as certificates get synchronized automatically (if selected) to the secondary. There choose the same certificate as WebUI cert and be done :)

    Just check that you configure the acme service on fw1 to restart its own webserver after renewal AND via remote the service on fw2 (see the help for this)!

    Greets