Multiple Web Servers
-
@natethegreat21
I'm not expirenced with TCP mode, I only use https with SSL offloading.
For http/s offloading mode you need to import your SSL certificates into pfSense.Anyway you need a pair of ACL + Action for each backend.
Each ACL must have a unique name if you configure both in a single frontend, e.g. game, nextcloud.In TCP mode the proxy cannot read the host header, so it doesn't know the host name. It could only see the SNI.
So you might have to uncheck the ACL expression you have to select something like "SNI extension matches" and enter the SAN name of the SSL certificate.Also I can't really see how you did the port 80 redirection.
-
@viragomann Im going to change it to offloading. What are you missing for port 80. Does it not makes sense?Yeah so now its saying the site cant provide a secure connection SSL error probably because the certs are not there. Should I just generate new certs or reuse the existing one on the Linux box?
-
This post is deleted! -
@natethegreat21 said in Multiple Web Servers:
What are you missing for port 80. Does it not makes sense?
I simply cannot see, how it works from your screenshots.
Should I just generate new certs or reuse the existing one on the Linux box?
Sounds like you're using self-signed certificates.
If so you can generate new one as well, but you can also import existing certificates into pfSense using the cert manager and assign them then in HAproxy. -
@viragomann I just used Acme and generated some LetsEncrypt certs as well as added them to the DNS on my domain provider. Anything greyed out is my Pubilc IP or the web address.
-
-
-
-
@natethegreat21 Closing this out and opening a new topic.
-
This post is deleted!
