pfSense DNS Resolver / Host Overrides / CERTBOT SSL

hypernova

I have a DNS Resolved / Host Overrides / CERTBOT question... I assume this is the right subforum to post but I am not completely sure.

Here's an overview of my system.

I have a domain name which points to my external IP. Ports 80 and 443 are opened on pfSense. Web traffic to my IP on these ports should be forwarded to 2 or more servers.

I do this using

pfSense / DNS Resolver / General Settings / Host Overrides

which I assume is the correct settings within pfSense to change. Here's a list of settings. (Which I've faked for security reasons.)

Currently apple.mydomain.co.uk appears to be working fine

orange.mydomain.co.uk redirects to the same webhost as apple

cauliflour.mydomain.co.uk redirects to the correct webhost, with IP 10.0.0.200, orange should direct to this IP as well, but it doesn't.

orange and cauliflour should direct to the same machine with the same IP, but should be served by a different virtual host in nginx.

Finally, cheese.mydomain.co.uk directs to another machine, and this works.

I don't know how to debug the issue of cauliflour being directed to the wrong machine.

Further to this, I want to be able to redirect www.orange.mydomain.co.uk to the same IP as orange.mydomain.co.uk. However www.orange... redirects to the same machine as apple.mydomain.co.uk.

I thought I should be able to add www.orange as a "host" in "host overrides", but it appears to be the case that only a single string like "abcde" can be entered here not something like "abcde.xyz".

Sorry if this isn't the clearest question, I'm new to all this stuff.

viragomann

If you want to add an additional host name, edit the existing entry, go down to Additional Names for this Host and enter it there.

@hypernova said in pfSense DNS Resolver / Host Overrides / CERTBOT SSL:

I thought I should be able to add www.orange as a "host" in "host overrides", but it appears to be the case that only a single string like "abcde" can be entered here not something like "abcde.xyz".

Here is only the "www" to be entered into the host box, the rest is to be entered into the domain box. The host is only the part between the left and the first dot.

hypernova

@viragomann Thanks for the pointer, I encounter two errors however when trying to do this

• The field Alias Domain is required.
• A valid alias hostname is specified, but the domain name part should be omitted

I entered www.orange into the host name field, and mydomain.co.uk into the domain field.

I should add, I tried removing the domain field, but still the same error occured.

viragomann

@hypernova
As I mentioned above, the host name part is ever from the left to the first dot.
So for www.orange.mydomain.co.uk enter
www into the host field and
orange.mydomain.co.uk into the domain field.

hypernova

@viragomann Ah, yes I see that works.

Ok I guess I was confused as to what hostname/domain name means. I thought host was always the physical machine, but obviously I was mistaken.

I don't fully understand how it works in detail.