Pfsense, proxmox, and dual ISPs, and an ubuntu server


I’m using pfsense as my WAN facing router with two WANs configured.
WAN1 is to a cable ISP, and WAN2 is to a 4G mobile ISP - both of course DHCP as far as the pfsense router is concerned. These are configured as backup WANs - one or other, never both active at same time.

All is DDNS and from the Internet into my set up, I use just one domain name such as “”.
Clearly (hopfully) the services on my LAN will show transparently to the Internet whatever WAN is being used - hopfully ddns on pfsense will negociate with what IP is being used.

But, pfsense is running on Proxmox, as well as the ubuntu 16.04 server.

I’m in the process of configuring this up… I’m not expecting to have a problem with Nginx on Ubuntu getting me and renewing a Let’s Encypt certificate.

But I’d like a real certificate on Proxmox and pfsense. These are only available on my local lan.

Can I copy the certificate from the Ubuntu server and use for Proxmox and pfsense?

  • the browser on my laptop on my local lan should still be able to prove trust, as in all three cases the domain appears to be the same

Or is it reasonable to get three separate certificates - or is this considered bad practise.



Hi @jradxl

You are really overthinking the problem.


Are you doing SSL Termination on your PFSense? Why are you trying to install the certificate on the PFSense?



Are they also using the same domain name? Or are they using a separate internal name?

In the first case, you could get a single certificate and copy it onto each device (as long as you’re willing to repeat this process when you renew the certificate every 90 days). In the second case, Let’s Encrypt could not issue certificates for your internal names if the names aren’t subdomains of a publicly-visible domain name.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.