Jack Moore

Email: jack(at)jmoore53.com
Project Updates

PFSense HA Proxy

10 May 2021 » system configuration, sysadmin, eBPF

Installing ACME Package & HAProxy on PFSense

System > Package Manager > Available Packages > Acme (Install)
System > Package Manager > Available Packages > Haproxy

Configuring Acme Keys and Certificates

Services > Acme Account Keys
Add (Green Plus Buttons)
Set (add email, + create new account key, register account key)

Services > Acme Certificates
Add (Green Plus Buttons)
Set (
  - name/
  - description/
  - Change acme account/
  - domain SAN list 
    - Domain Name (whatever domain either www or just root)
    - Method -> Make sure to set to DNS-Manual
)

Then once the Acme Certificate is added Issue the domain
After dns settings are configured click renew

Configuring HAProxy on PFSense

Configuring Backend

Services > HAProxy
Backend > (Add 
  - Name
  - Server List
    - Name
    - Address
    - Port
    - Client Certificate
)

Configuring Frontend

Services > HAProxy
Frontend > (Add 
  - Name
  - Description
  - External Address
  - Port (set to 443)
  - Enable SSL Offloading
  - ACL List (path/or "host matching")
  - Action List (
      Action - Use Backend
  )

In the SSL Offloading Section
  - Certificate > Set the certificate and enable Add ACL for certificate Subject Alternative Names.

© Jack Moore