Redirect requests to to

Hey all,

I’m trying to figure out the best way to configure pfSense to redirect all requests to to Is there an easy way to accomplish this?

Much appreciated!

My knowledge on that topic is definitely not exhaustive, but as far as I know there is no way to do what you are asking that doesn’t require terminating the TLS connection at a proxy (HAproxy, squid, etc.) and therefore needing to install certificates on all clients.

This thread explains why you cannot go around decrypting the traffic when you want to make redirects.

Since the hostname is unencrypted due to SNI, requests to can be detected by a proxy and the destination IP rewritten to one of’s addresses. But that doesn’t change the Host http header of the request, so the server will receive a request for which it won’t know how to answer.

I agree with @paolo here. You’d need a forward proxy that could change the domain, but depending on how Amazon does their certs it probably won’t work.

Amazon uses HSTS and Cert Pinning so if your browser is expecting a cert to come from then it won’t accept a cert from

But then you still have the issue of the HTTP header. will receive a GET request for which it won’t know what to do with (probably).

Your better option is to download a browser extension to do this automatically.