Hi,
I used HAproxy as Reverse Proxy for all my cloudservices with SSL offloading with Let´s Encrypt certificate. It works perfect, till apple changed a lot of trust stuff. Internal it is a simple route from LAN to DMZ and the cloud services use self signed certificates, but apple do not trust them, also when I installed the root cert....thank´s to apple.
From external it worked, of course, there is the let's encrypt certificate.
Is it possible to come from internal LAN to the reverse proxy or can I bind HAproxy to a specific interface, like a DMZ VLAN interface and not to WAN?
Two possible ways:
WAN +> HAproxy -> Cloud Server
^<----------LAN
WAN +> DMZ VLAN -> HAproxy -> Cloud Server
^<-----------LAN