SSL offloading

[ebalsumgo]

Is it possible to leverage the Asus to do SSL offloading for apps that get port-forwarded? I know I can potentially do this with nginx as a reverse proxy, but not sure if I will be able to cobble it together enough. I also understand that there will be a CPU/performance hit potentially but right now it seems like a missed opportunity as i get a valid cert on the router but the rest of the devices (that may have their own Lets Encrypt capabilities) cannot use that SSL cert.

 

[sandiegoboy]

Did you hear @ebalsumgo ? I wish there was an easy way to do this

 

[DerScot]

I'm looking to do the same thing. Is the only route currently to use NGINX, and can it utilise the existing Lets Encrypt cert?

 

[sandiegoboy]

I never heard back from OP. I didn't try nginx

 

[Jeffrey Young]

Personally, I have a GoDaddy domain name. I then use acme.sh (updated version from the web, not the built in version), I then use acme.sh along with my GoDaddy API key and get a free SLL certificate (Router certificate and wildcard certificate). I import it into the router for https access to the GUI and NGINX for Reverse Proxy SSL front end. In addition, I have a cron job that checks each night if renewal is required and if so, renew the certificate and rcp to my AD DC (for TLS LDAP).

So, it can be done.