I'm using pfsense as my WAN facing router with two WANs configured.
WAN1 is to a cable ISP, and WAN2 is to a 4G mobile ISP - both of course DHCP as far as the pfsense router is concerned. These are configured as backup WANs - one or other, never both active at same time.
All is DDNS and from the Internet into my set up, I use just one domain name such as "xxx.dyndns.org".
Clearly (hopfully) the services on my LAN will show transparently to the Internet whatever WAN is being used - hopfully ddns on pfsense will negociate with dydns.org what IP is being used.
But, pfsense is running on Proxmox, as well as the ubuntu 16.04 server.
I'm in the process of configuring this up.... I'm not expecting to have a problem with Nginx on Ubuntu getting me and renewing a Let's Encypt certificate.
But I'd like a real certificate on Proxmox and pfsense. These are only available on my local lan.
Can I copy the certificate from the Ubuntu server and use for Proxmox and pfsense?
- the browser on my laptop on my local lan should still be able to prove trust, as in all three cases the domain appears to be the same
Or is it reasonable to get three separate certificates - or is this considered bad practise.