Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
HA-Proxy problem: error_ssl_protocol
« previous
next »
Print
Pages: [
1
]
Author
Topic: HA-Proxy problem: error_ssl_protocol (Read 2855 times)
ruggerio
Sr. Member
Posts: 295
Karma: 11
HA-Proxy problem: error_ssl_protocol
«
on:
November 27, 2018, 12:07:39 pm »
Hi,
I installed 2 backend-servers, one with ssl, one with nossl. I installed 1 frontend for both, with actions and conditions. HAProxy works, but if i want to connect via wan, i get a ssl-error in my browser.
The certificate still is on my server, it's a letsencrypt-cert. I think, i did someting wrong in the config. Does the webserver (the backend) still need a certificate? Or does this error come because of not having an official cert (not a selfsigned one)?
I think, except this, it would work...
Thx!
Logged
guest18661
Guest
Re: HA-Proxy problem: error_ssl_protocol
«
Reply #1 on:
December 02, 2018, 07:08:22 pm »
When you say connecting via WAN, you mean from the internet to your opnsense box where haproxy is running? So you are connecting to a frontend from outside and getting the SSL error in your browser? Seems like your haproxy doesn't have a valid cert. Did you setup let's encrypt to give certs to haproxy?
I don't recall the specifics but when I set mine up I had to put some ACLs or conditions in place so haproxy could direct the acme stuff to the right place to allow let's encrypt to handle it's validation.
I think the plugin handles most of this, but if you have other rules or acls they can interfere or take precedence. I had multiple domains to deal with so I had to structure everything properly or the acme stuff would fail to validate.
Maybe if you posted more specifics I could give you better direction, but hopefully that helps get you moving in the right direction.
Logged
ruggerio
Sr. Member
Posts: 295
Karma: 11
Re: HA-Proxy problem: error_ssl_protocol
«
Reply #2 on:
December 03, 2018, 08:16:01 pm »
The thing is, that haproxy has no certifkcate from acme at all.
It is on the backendserver already installed.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
HA-Proxy problem: error_ssl_protocol