Forgot who said finding some way using cert without NAT
finally i find some way to do it
but pfsense help me spelled some magic
i am not professional on network / security
i only can explain it like I'm 65535, who can explain it to 5?
sorry for poor articles and English
tl;dr
You need
- DNS Resolver
- Public domain name
- Some thing like Let's Encrypt
Step
1. Create subdomain and cert it
Because it's valid CA, it will show valid in browser
2. Create Host Overrides on your DNS Resolver
Because cert will check your domain name and actual domain in url
You must using Step 1 subdomain name
3. Set your server using subdomain cert
Top comments (0)