Let's Encrypt certificate on Google Domains with pfSense

Hey everyone,

Does anyone know how to use Let’s Encrypt with Google Domains on pfSense? I can find some info online but it seems to be all over the place.

An assumption is you use the free Cloudflare for your DNS. If you opt to use Google to manage your DNS for your Google Domain you will have to use “Standalone” HTTP or HTTPS mode. I do not use this option.

In pfSense -> Services -> Acme Certificates, then on the 3rd tab select “Account Keys”. Create yourself account keys by entering the Google email associated with your Google domain. Use the pull down option for the V2. Click Create New Account Key, then Register ACME Account Key. Save Settings.

On 2nd Tab select “Certificates” and Add. Enter name (I use my domain name), default Status of Active and then make sure ACME account is selected for your appropriate account. Under Domain SAN List select Active and type your domain name you are wanting certificate for. For Method select “DNS-Cloudflare” and enter your API key (Found under your Cloudflare account for Global API Key).

If you have sub.domain names you can enter each of those in separate entries and each of them will receive certificates. DNS-Sleep is left blank but enter the command under Action List to “restart the web GUI”.

Once you save this, it will take a minute or two to see if the certificate is received. You will either see a green status at the top of the screen when done saying it was successful or Red if it was not.

Good Luck.

Thanks. What if I want to use Google DNS? How do you set up manual HTTPS mode?

Thanks braf

I don't know. Never used that method.


I see that ACME v2 is available now. Some forums are suggesting there is a way to get this to work with Google Domains. Has anyone had any success with this and pfSense yet?

Hi there,
This is way too late, but I struggled for a day with this and I find the best way is to use DNS manual. You will be asked to add a TXT record with some specific key on your DNS and renew. It really worked fine; using HTTP standalone was a real hassle.


@mm148881
Really been looking for this for a good 2-3 weeks already, on and off a few hrs each day. Is your method automated, or do you have to go and update it once in a while? I assume you set up DNS manual with the Google domain and Google name servers, correct?

I want to avoid whatever limit that Cloudflare is doing with their free DNS server. There is the option in Google Domains to choose a DNS server and select Cloudflare, but to me that didn’t seem like the best option. The way Tom did it with DigitalOcean seemed so easy, as it is already a selection in pfSense.

Just curious: if pfSense is behind another firewall, do I have to port forward 80 and 443 to get it to work (probably with a rule for source and destination to secure it better)? I assume I would need a reverse proxy too to make it more secure. Ideally, if there is a DNS selection on pfSense, that would be best. But currently Google doesn’t appear in pfSense under METHOD for the Domain SAN list.