Topic: Suricata and HAProxy (Read 1055 times)
Syon
on: March 12, 2023, 12:41:21 pm
I'm running HAProxy with a wildcard Let's Encrypt certificate. The traffic from OPNsense to the server is also encrypted with Let's Encrypt certificates. Is Suricata able to inspect this traffic? It is listening on the internal interface, but there should be only encrypted traffic?
cookiemonster
Reply #1 on: March 12, 2023, 11:26:19 pm
Suricata can't decrypt TLS traffic by itself. If you want it to scan it, you need to terminate the TLS connection at haproxy and send the traffic unencrypted to the internal server.
Syon
Reply #2 on: March 13, 2023, 12:48:42 pm
Yes, I thought that decrypting and encrypting on the OPNsense would do the trick... But for that it would have to inspect an interface X between the processes...
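The two backend choices discussed in this thread, as an added HAProxy configuration example (not taken from either poster's setup; the certificate paths, section names and the 192.0.2.10 address are constructed placeholders). Client TLS ends at the frontend in both variants; only the plaintext backend puts HTTP on the internal interface where Suricata can inspect it.

```haproxy
# Added example; paths, names and addresses are constructed placeholders.
frontend fe_https
    mode http
    # Client-side TLS ends here (wildcard certificate and key in one PEM file).
    bind :443 ssl crt /path/to/wildcard.pem
    default_backend be_web_plain

# Variant A: re-encrypt towards the server.
# Traffic on the internal interface is TLS again, so Suricata listening
# there sees only ciphertext and TLS handshake metadata.
backend be_web_tls
    mode http
    server web1 192.0.2.10:443 ssl verify required ca-file /path/to/ca.pem check

# Variant B: terminate at HAProxy and forward plaintext HTTP.
# Suricata on the internal interface can match on HTTP content, at the
# cost of unencrypted traffic on that network segment.
backend be_web_plain
    mode http
    # On this leg the source address is HAProxy's, so pass the original
    # client address along in X-Forwarded-For.
    option forwardfor
    server web1 192.0.2.10:80 check
```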