Keep the SSL termination at your reverse proxy (HAProxy) and simplify the node setup. For internal testing with node.mylan.com, rely on the wildcard certificate from HAProxy. Later, when you move to node.mydomain.com via the VPS, you can still use the reverse proxy and WireGuard setup with the proxy handling SSL.
This approach will minimize complexity and avoid unnecessary permission issues on the node, while still maintaining strong security through your existing wildcard certificates and reverse proxy.
Would this approach work for your setup?
Sorry for the long delay, and thank you very much for your reply. It did help a lot.
I’ve been silent because for some reason HAProxy in pfSense won’t work for ssl://fulcrum.mydomain.com:50002.
Am I missing something fulcrum- or connection-type specific? I’ve only ever used it to serve web front-ends in the past.