Hello,
My web server (only one server active when renewing the cert) is behind an OPNsense router with HAProxy. HAProxy was set up with "Option pass-through: Add send-proxy" under the "Real Servers" tab. This is used for logging the real IPs of those who visited my website. But when send_proxy is present as a pass-through option, the Let's Encrypt cert (on the server, not the OPNsense router) has difficulties renewing itself. It will show the error "Type: connection Detail: Error getting validation data".
As soon as I turn off "Option pass-through: Add send-proxy", I can renew the cert without problems. So this means I cannot use crontab to auto-renew the certificate; rather, I have to turn send_proxy on and off whenever I have to renew a cert.
I was wondering if there is an automatic way of keeping send_proxy and renewing the Let's Encrypt cert.
Thanks.