How To Create pfsense Let's Encrypt Wildcard Certificates using HAProxy

In this video, your PurpleNAS has an IP of but when you configure the DNS Resolver, you set the IP to
What happens when you want to add another entry in host overrides, do you use the same IP (i.e. How does pfsense not confuse this with the IP of the sg1100 router, which also sits at


HAProxy determines based on SNI from your browser what site to send you. But as I stated in the video, the first step is to move the pfsense web interface to a different port.

Hi, So i followed your video and got FreeNAS to work perfectly.
Now when i goto from any device on the network it works.

Then i added an entry for Nextcloud.
This only work from one computer and non of the others. What could be the problem?
Below are the setting have,
FreeNas IP -
Nextcloud IP -

HaProxy Backend

Nextcloud Backend

Front End

DNS Resolver

I’ve been scratching my head and googling for days now.
Apparently Nextcloud is a bit tricky to make it work behind a proxy, but just cannot understand why it would work on only come system and non of the others :confused:

If it is working on one computer, but not the others, I would first check the DNS of the computer that it is not working on.

Hi all-
I’m following this video to setup HAProxy for a few internal only services, as mentioned in the beginning of the video.

I’m setting up the Wildcard ACME Certificate and have learned that I need API access for my domain (hosted by Namcheap). Namecheap requires someone to have 20+ domains before providing API access so I figured I should just move the DNS aspect to another provider such as Digital Ocean or Cloudflare.

I’m a bit confused with what is the best practice: Is it best practice to transfer the entire domain or only the DNS hosting aspect to another provider?

The domain in question is used ONLY for my local network and nothing is publicly hosted on it. I am using a separate domain for my email.

We keep the domain with our registrar of choice and just move the DNS to a service that offers the API.