Multiple https web servers single public IP behind NAT

  • I have a single public IP on the WAN interface with NAT on.

    I have 443 forwarded to webserver1 with the ssl certificate loaded on webserver1.  It is not a wildcard certificate.
    I have 80 forwarded to webserver2 with no ssl.  I have a non wildcard certificate for it, but cannot use it on the server because 443 forwards to webserver1.

    I'd like to be able to access webserver2 with its own ssl certificate but without using a non-standard port.

    Is there any way to accomplish this using pfsense's certificate store and something like mod_apache?

    I'd rather not purchase a wildcard ssl certificate, but I will if that is the only way.

    I've tried to get mod_apache working before without much success, and if it won't work with the ssl, then I won't pursue it further, but if it's possible I'll take the time to get it going.



  • Not sure about SSL, but it sounds like you are looking for something like varnish or haproxy.

  • Pretty sure he's looking for something like ProxyPass for apache.  I don't think there is a suitable module for pfSense, but I've never really looked for one before either.
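
An added example, not part of the thread: HAProxy, suggested in one reply, can run in TCP mode on port 443 and pick a backend from the server name (SNI) in the TLS ClientHello, so webserver1 and webserver2 each keep their own non-wildcard certificate. The hostnames and internal addresses below are placeholders assumed for illustration.

```haproxy
# Added example. site1/site2.example.com and the 192.168.1.x
# addresses are assumed placeholders, not values from the thread.
defaults
    mode tcp
    timeout connect 5s
    timeout client  60s
    timeout server  60s

frontend https_in
    bind :443
    # Hold the connection until the TLS ClientHello has arrived,
    # so the SNI field is available for inspection.
    tcp-request inspect-delay 5s
    tcp-request content accept if { req.ssl_hello_type 1 }

    # Route on the requested server name. TLS is not terminated
    # here; the encrypted stream is passed through unchanged.
    use_backend webserver1 if { req.ssl_sni -i site1.example.com }
    use_backend webserver2 if { req.ssl_sni -i site2.example.com }

    # Clients that send no SNI or an unlisted name go to webserver1,
    # matching the existing port-forward behaviour.
    default_backend webserver1

backend webserver1
    server web1 192.168.1.10:443 check

backend webserver2
    server web2 192.168.1.20:443 check
```

Because routing happens before decryption, the proxy holds no private keys and cannot inspect or filter request content. Each backend sees the proxy's address as the connection source unless client-address forwarding is configured separately.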
