Tutorials and FAQs / Re: Tutorial 2022/08: HAProxy + Let's Encrypt Wildcard Certificates + 100% A+ Rating
« on: December 25, 2022, 03:34:26 pm »
I know this is not really part of the (great) tutorial, but I wanted to ask if it is possible to change the SSL certificate that is being used based on whether the traffic is local or public. I have already set up the rule for subdomains that are only accessible from local IPs.
The reason for this is that I want to enable Full (Strict) mode in Cloudflare. That means I have to use the Cloudflare Origin Server Certificate for public access to my HAProxy. I already uploaded the certificate to OPNsense and selected it along with the Let's Encrypt certificate for the HTTPS frontend. However, it seems only the LE certificate is being used, so public access via Cloudflare fails. I looked for an HAProxy function that chooses a specific certificate, but it does not seem to exist.
Can anyone point me in the right direction?