After following Tom’s great detailed YouTube tutorial for setting up Acme Let’s Encrypt certs for HAProxy on pfSense, I’m finding that my certificate renewals are going out a non-default gateway. I have a rule set up to route one VLAN out over a ‘privacy’ VPN. Under routing - gateways the correct (non VPN) gateway is listed as default. The issue this is causing is I have my Vultr API key restricted to my WAN IP address, so renewals fail when they go out over the VPN. If I stop the OpenVPN service and run the certificate renewal, it works fine.
I looked through the pfSense documentation but couldn’t find a setting to define the gateway Acme should use. Am I missing an obvious setting? Is there a way to set up a rule to force Acme to use a specific gateway?
Not something I have ever tested. If no one here answers that, you might want to try the Netgate/pfSense forums.
This bug got resolved in the new version released a few days ago. I updated to Acme 0.7.3 and certificate renewals are working properly and going out the default gateway as intended now.