Author Topic: HA Proxy with self signed Certs + Verify SSL Certificate (Read 1974 times)

mliebherr · « **on:** August 10, 2018, 01:04:21 pm »

Hello,

my goal is to set up a reverse proxy to allow https access to my exchange server only with signed certs.

Here is my setup: https://image.ibb.co/hrpUMU/opnsense_HA_Proxy.jpg

There is an option called: "Verify SSL Certificate" in the Real Servers TAB.

I guess this is for the communication between HA_Proxy and the Real Backend Server.

Can i enable this "Verify SSL Certificate" for the public side, too?

For my Test scenario i used HTTP as a backend to make sure i dont have some ssl mistakes here.

In a nutshell: Where can i enable "Verify SSL Certificate" on the WAN/Public side?

Thanks, Mario

mimugmail · « **Reply #1 on:** August 10, 2018, 01:07:51 pm »

Do you need client certificate authentication so only users with client certificates can connect to HAProxy?

mliebherr · « **Reply #2 on:** August 10, 2018, 01:20:53 pm »

mimugmail · « **Reply #3 on:** August 10, 2018, 02:10:36 pm »

It's not (yet) possible:
https://github.com/opnsense/plugins/issues/426

You can ping the author via github ...

Author Topic: HA Proxy with self signed Certs + Verify SSL Certificate (Read 1974 times)

mliebherr

HA Proxy with self signed Certs + Verify SSL Certificate

mimugmail

Re: HA Proxy with self signed Certs + Verify SSL Certificate

mliebherr

Re: HA Proxy with self signed Certs + Verify SSL Certificate

mimugmail

Re: HA Proxy with self signed Certs + Verify SSL Certificate