DNS settings for use with a free StartSSL certificate
I'd like to set up my pfsense box with a valid certificate so that captive portal users don't get a scary message.
I own a .co.uk domain and have set firewall.mydomain.co.uk to the external IP address of my ADSL router. My ADSL router assigns a 192.168.1.0/24 address to the WAN interface of my pfsense box.
I'll be obtaining and importing a free StartSSL.com certificate for firewall.mydomain.co.uk shortly (DNS propagation in progress).
Are the following settings correct:
System > General Setup
Services > DHCP Server
Domain name: lan
Services > DNS Forwarder
Host Override: firewall.mydomain.co.uk -> 10.1.1.1 (my pfsense box's LAN IP)
With the above settings, if a user is taken to the captive portal login page at firewall.mydomain.co.uk, will they get a certificate warning from the browser?
Many thanks in advance!