Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
[solved] HAproxy with https-redirect and letsencrypt http-01
« previous
next »
Print
Pages: [
1
]
Author
Topic: [solved] HAproxy with https-redirect and letsencrypt http-01 (Read 4003 times)
nibblerrick
Newbie
Posts: 16
Karma: 3
[solved] HAproxy with https-redirect and letsencrypt http-01
«
on:
November 13, 2019, 10:31:40 am »
Hi,
I am a little bit stuck with this situation:
Using letsencryptlugin with http-01 challenge and haproxy. Default configuration works.
Now I like to redirect the incoming http/port 80 traffic to ssl/443, which works fine by defining a condition in haproxy for not-ssl-traffic to be redirected.
But this redirect-rule seems to match before the acme-challenge-rule.
I thought if I modify the acme-rule to use the acme-condition AND not-ssl-condition it should work because it's more specific. But it doesn't.
I tried to find something about this behaviour and read somewhere http-redirect rules are always executed before the other rules but don't know if that's right.
So... what's the correct way to catch the acme-condition and send it to the backend before the ssl-redirect-rule takes effect?
Only similar thin in this forum I could find was in the german section
https://forum.opnsense.org/index.php?topic=7880.msg36600#msg36600
but there isn't an answer.
Thanks
«
Last Edit: November 13, 2019, 02:56:57 pm by nibblerrick
»
Logged
nibblerrick
Newbie
Posts: 16
Karma: 3
Re: [solved] HAproxy with https-redirect and letsencrypt http-01
«
Reply #1 on:
November 13, 2019, 02:56:28 pm »
I think I got it, I made a copy of the condition for the acme-challenge but checked the negate option and added this condition to the https-redirect-rule. Now things work as expected.
Maybe this is a little bit more elegant to achieve with a custom rule.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
[solved] HAproxy with https-redirect and letsencrypt http-01