Messages

1

Tutorials and FAQs / Re: Tutorial: OPNsense, HAProxy, Let's Encrypt, Wildcard Certs, 100% A+ SSLLabs

« on: May 09, 2024, 10:42:14 am »

Hey there and thank you so, so much for this great tutorial! It gave me exactly what I needed!

Yet there is a reason why I'm quoting this particular post.

Configuration made basing on your tutorial was working flawlessly on version 23.7.1 (os-haproxy 4.0, haproxy26 2.6.14), but after update to 23.7.2 and haproxy26 2.6.15 HAProxy service was failing to start.

I followed sorano's suggestion to not use virtual ip and bingo! That was it (it took me hours to find out where the issue is, as there were no message in logs - just a startup failure of HAProxy).

Maybe it would be good to add adnotation or a second way to configure HTTPS_frontend?

I can confirm that it works flawlessly with dynamic WAN ip.

Once again thank you very much and @sorano too

Cheers
Paweł

I did not see a reply to this so I will post my experience.

I think I had the same issue: HAProxy fail to start whenever I enabled HTTP and HTTPS_frontend with private IP config.
Turns out that I had selected "Other" in the Private IP type config instead of IP Alias as per the tutorial.

As always the tutorial is correct and working.