I want to connect my FreePBX server to Twilio Elastic SIP.
For that, I need to make sure my PBX has a certificate to enable SSL on port 5061.
Instead of renewing the certificate manually, I would like to use ACME to renew the certificate of my PBX from pfSense. And use HAProxy to force the redirect of pbx.mydomain.com to my PBX server communication on 5061.
I’ve got ACME working with my DNS. Do I need to create a a rule on HAProxy for port 5061 only? Or do I need to create a rule for SRTP as well for ports 10,000 and 20,000?