Search This Blog

Monday, May 22, 2017

Apply SSL Certificate via HAproxy

Hi Again,

Just thought to share, how a SSL certificate is applied to HAproxy LB

First we need to generate “pem” file which includes private key  from “pfx”. It promts for password

# openssl pkcs12 -in dummy.pfx -out dummy.pem  -nodes

Note: pem file which includes private key is important and not just pem file without private key content

Copy this "pem" file to a specific location, say like

# cp dummy.pem /etc/haproxy/ssl/

Configure SSL cert to Haproxy  - In the front end section

frontend www-https
    mode http
    option forwardfor
    option http-server-close
    bind ssl crt /etc/haproxy/ssl/dummy.pem
    reqadd X-Forwarded-Proto:\ https
    default_backend web-backend

and Restart haproxy service

# service haproxy restart

Ola!!!!   When you access your application you must see something like this on the address bar J