OPNsense Forum

English Forums => Development and Code Review => Topic started by: Oliyou you on August 25, 2022, 06:53:04 pm

Title: Let's Encrypt always fails on first registration with HAProxy
Post by: Oliyou you on August 25, 2022, 06:53:04 pm
I really like how easily I can get certs now with HAProxy and Let's Encrypt. Great work, thanks.

I thought I'd report this minor issue here in case someone is interested in fixing it. It's really minor, but confusing for a first-timer like me. So I have HAProxy listening to all traffic on port 443. The default public service then routes requests to the correct backends based on rules. First I create rules to sort traffic to a given domain and backend. Then I add the rule to the public service. That frontend is also using certs from the Let's Encrypt service. Next I need to go to the Let's Encrypt service to add the domain.

I add the domain with the HTTP validation method and press the small refresh button to force registration. This always fails on the first run. But it also always works on the second run, even though the GUI doesn't show it until a page refresh; the logs do.

So it's now OK for me, as I know this, but I sure spent some time on the first trials as I didn't look at the logs first.

Anyway, knowing this, it is a great feature. Perhaps it gets fixed at some point.
Title: Re: Let's Encrypt always fails on first registration with HAProxy
Post by: Bruce Eckel on September 01, 2022, 11:08:34 am
Let's Encrypt requires the use of an ACME infrastructure, so not all devices can readily use the certificates without significant manual intervention or writing your own management tools.