Netgate Discussion Forum

    fw1 and fw2 let's encrypt certificates not syncing

      benson

      I configured both fw1 and fw2 with the acme service for certificates and later set up certificates on fw1. Can someone guide me on how to configure fw2 to fetch certificates from fw1, or how to set up fw1 for the sync to work?

        JeGr LAYER 8 Moderator

        Do it even easier:

        Run the acme package on FW1 (I assume it's a CARP cluster with syncing?) and let it create a certificate for both names (fw1.xxx AND fw2.xxx). When it's done, select the cert for the webui. Then log in to FW2 and select it, too, as certificates get synchronized automatically (if selected) to the secondary. There choose the same certificate as WebUI cert and be done :)

        Just check that you configure the acme service on fw1 to restart its own webserver after renewal AND via remote the service on fw2 (see the help for this)!

        Greets

        Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

        If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

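A post-renewal check for the setup described in the answer above, as an added example that is not part of the original posts: it compares the certificate each node's web interface serves and reports a secondary that still presents the old certificate, a name missing from the SANs, or a near expiry. The hostnames, port 443 and the 14-day threshold are assumptions.

```python
import hashlib
import socket
import ssl

def fetch(host, port=443, timeout=5):
    """Return (host, DER bytes, decoded dict) for the certificate host serves.
    The default context verifies chain and hostname, so an untrusted or
    mismatched certificate raises ssl.SSLCertVerificationError."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return host, tls.getpeercert(binary_form=True), tls.getpeercert()

def covers(name, cert):
    """True if a DNS subjectAltName matches name exactly or by one wildcard label."""
    sans = {v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"}
    name = name.lower()
    return name in sans or "*." + name.partition(".")[2] in sans

def compare(primary, secondary, now, min_days=14):
    """Findings for two (host, der, cert) tuples; an empty list means in sync."""
    findings = []
    if hashlib.sha256(primary[1]).digest() != hashlib.sha256(secondary[1]).digest():
        findings.append(f"{secondary[0]} serves a different certificate than "
                        f"{primary[0]}: not synced, or web server not restarted")
    names = (primary[0], secondary[0])
    for host, _der, cert in (primary, secondary):
        for missing in [n for n in names if not covers(n, cert)]:
            findings.append(f"certificate on {host} has no SAN for {missing}")
        days = (ssl.cert_time_to_seconds(cert["notAfter"]) - now) / 86400
        if days < min_days:
            findings.append(f"certificate on {host} expires in {days:.0f} days")
    return findings

if __name__ == "__main__":
    import sys
    import time
    # Usage: python check_pair.py fw1.example.net fw2.example.net (placeholder names)
    problems = compare(fetch(sys.argv[1]), fetch(sys.argv[2]), time.time())
    print("\n".join(problems) or "both nodes serve the same valid certificate")
    sys.exit(1 if problems else 0)
```

Run it from a scheduler after each renewal window; a non-zero exit means one of the nodes needs attention.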
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.