Exporting LetsEncrypt Certificates in Automated mode.



  • Hey everyone,
    Can anyone help me to solve a "big problem" for me, but for others I think ... it's a "small" problem :) ?
    My setup looks like this:
    Internet ---> Router (PFSense) ---> VM ISPConfig 3
    The Let's Encrypt certificates are generated, registered & renewed by the PFSense (using its own ACME service).
    DDNS was done via Cloudflare DDNS by the PFSense as well, with the domain names pointing to the router's WAN IP.
    I'm using the HAProxy service as a reverse proxy. All works fine, including SSL certificates for my web domains.
    All I want to know is: is there any solution to check whether the certificates have been renewed on PFSense and, if so, copy my renewed SSL certificates to the ISPConfig VM machine, web domains, via SSH or any other method?
    At this moment I do it manually ... :(

    I'm not so good at scripting this, that's why I need your help. Can anybody help me, please?
    Best Regards.
    Thank you.


  • Netgate Administrator

    Why do you need to do that if you're off-loading SSL in HAProxy?

    To do that though you would need to pull in the cert and then restart whatever service is using it in the VM. So a script running on the VM seems like the first option. Though allowing the VM direct access to the firewall is a security issue. You might be able to pull it via the GUI using a user with limited access, similar to the pull automated backup described here:
    https://docs.netgate.com/pfsense/en/latest/backup/remote-config-backup.html#pull-it

    Steve
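
The VM-side half of the approach described in the reply above, as an added example that is not code from this thread or from pfSense/ISPConfig: once the certificate and key have been pulled into a staging location, install them only if the leaf certificate actually changed, then reload the service. It assumes the pull itself is done separately with the limited-access user; all file paths and the reload command are hypothetical.

```python
import hashlib, os, ssl, subprocess, tempfile
from pathlib import Path

HEAD, FOOT = "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----"

def fingerprint(pem_path):
    """SHA-256 of the first (leaf) certificate in a PEM file; None if the file is absent."""
    try:
        pem = Path(pem_path).read_text()
    except FileNotFoundError:
        return None
    # ValueError here means "not a certificate", e.g. a login page saved by a failed pull.
    leaf = pem[pem.index(HEAD):pem.index(FOOT) + len(FOOT)]
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(leaf)).hexdigest()

def _atomic_copy(src, dst, mode):
    """Write src to a temp file beside dst, then rename, so readers never see a partial file."""
    dst = Path(dst)
    fd, tmp = tempfile.mkstemp(dir=dst.parent, prefix=dst.name + ".")
    try:
        os.fchmod(fd, mode)
        with os.fdopen(fd, "wb") as out:
            out.write(Path(src).read_bytes())
        os.replace(tmp, dst)
    except BaseException:
        os.unlink(tmp)
        raise

def install_if_renewed(staged_cert, staged_key, live_cert, live_key, reload_cmd=None):
    """Return True if the staged pair replaced the live pair, False if nothing changed."""
    new_fp = fingerprint(staged_cert)
    if new_fp is None:
        raise FileNotFoundError(staged_cert)
    if "PRIVATE KEY-----" not in Path(staged_key).read_text():
        raise ValueError("staged key is not a PEM private key")
    if new_fp == fingerprint(live_cert):
        return False  # same leaf certificate: leave the running service alone
    _atomic_copy(staged_key, live_key, 0o600)   # key first, readable by its owner only
    _atomic_copy(staged_cert, live_cert, 0o644)
    if reload_cmd:
        # Assumed command, e.g. ["systemctl", "reload", "apache2"]; check=True surfaces failures.
        subprocess.run(reload_cmd, check=True)
    return True
```

Run from cron on the VM, a `False` return means no renewal happened, and an exception means the staged files should be inspected before anything is installed.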



  • @stephenw10 Thank you very much for guiding me. Steve
    Best Regards.
    SMR

