I just set up Authenticated Origin Pulls for my domain, but there’s one thing I can’t get my head around.

I like to access my services from inside my network using the domain instead of the IP address. I have a pfSense box as my firewall, and I have NAT reflection on, but as far as I can figure, that won’t have the correct cert with its request so it won’t work.

What are the best practices for having the authenticated origin pull in place for outside the network phoning in, but still being able to access the services from inside the firewall?

Nginx supports multiple entries for ssl_client_certificate, so you potentially could put a root for yourself in there; however, I know support for TLS client certificates isn’t in browsers, so you would need to use an API client to access with a presented client certificate.
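A sketch of the setup the reply describes, as an added example that is not part of the original thread: nginx reads its trusted client CAs from a single PEM file, so the Cloudflare origin-pull CA and a private root are concatenated into one bundle. All file paths, the server name, the upstream address and the log format name are assumptions.

```nginx
# Added example. Paths, names and the upstream address are assumptions.
# Build the trust bundle once (both inputs PEM-encoded):
#   cat cloudflare-origin-pull-ca.pem internal-root-ca.pem \
#       > /etc/nginx/certs/client-ca-bundle.pem

# Goes in the http {} context. Records which CA authenticated each request,
# so edge traffic and internal clients can be told apart in the logs.
log_format mtls '$remote_addr [$time_local] "$request" $status '
                'verify=$ssl_client_verify '
                'issuer="$ssl_client_i_dn" subject="$ssl_client_s_dn"';

server {
    listen 443 ssl;
    server_name service.example.com;

    ssl_certificate     /etc/nginx/certs/origin.pem;
    ssl_certificate_key /etc/nginx/certs/origin.key;

    # One file holding both trusted client CAs.
    ssl_client_certificate /etc/nginx/certs/client-ca-bundle.pem;

    # Require a client certificate that chains to one of the CAs above;
    # requests without one are rejected before reaching the upstream.
    ssl_verify_client on;

    access_log /var/log/nginx/service-mtls.log mtls;

    location / {
        # Pass the verified identity to the application if it needs it.
        proxy_set_header X-Client-Cert-Issuer $ssl_client_i_dn;
        proxy_pass http://127.0.0.1:8080;
    }
}
```

An internal client then presents a certificate issued by the private root, for example with curl's `--cert` and `--key` options. Anything signed by either CA in the bundle is accepted, so the private root's key needs the same protection as the origin itself.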

