PfSense, Remote LAPI with TLS

urbaman · December 31, 2024, 6:03pm

Hi,

I cannot seem to be able to register pfsense machine/booncer with a remote lapi using TLS.

If I try to connect to https://lapi-ip:8080/ I receive a

time="2024-12-31T18:57:55+01:00" level=fatal msg="unable to start crowdsec routines: authenticate watcher (pfsense): Post \"https://10.0.100.204:8080/v1/watchers/login\": performing jwt auth: tls: failed to verify certificate: x509: cannot validate certificate for 10.0.100.204 because it doesn't contain any IP SANs"

If I try to connect to http://lapi-ip:8080/ I receive a

time="2024-12-31T19:02:07+01:00" level=fatal msg="unable to start crowdsec routines: authenticate watcher (pfsense): API error: http code 400, no response body"

Is there a way to manage the registration through the TLS handshake?

Thank you.

iiAmLoz · January 2, 2025, 9:57am

How did you generate the TLS certificates that the LAPI is using?

Topic		Replies	Views
Multi server: TLS handshake error crowdsec	24	1644	May 25, 2023
Registering windows node to remote lapi crowdsec	9	41	December 22, 2024
Docker running Traefik with CrowdSec Bouncer and PFsense as SE (LAPI)	3	586	May 21, 2024
Cannot figure out why agent on my LAN cant connect to lapi on remote server through tailscale. the servers can ping eachother fine crowdsec	1	949	April 20, 2023
Servers IP Banned, cannot access decisions due to JWT error crowdsec	1	82	October 2, 2024

PfSense, Remote LAPI with TLS

Related topics