Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
Renew Letsencrypt cert on server behind Opnsense router (haproxy w/ send_proxy)
« previous
next »
Print
Pages: [
1
]
Author
Topic: Renew Letsencrypt cert on server behind Opnsense router (haproxy w/ send_proxy) (Read 3428 times)
abij
Newbie
Posts: 14
Karma: 1
Renew Letsencrypt cert on server behind Opnsense router (haproxy w/ send_proxy)
«
on:
February 05, 2019, 07:10:34 pm »
Hello,
My web server (only one server active when renewing cert) is behind an Opnsense router with hdproxy. Haproxy was set up with "Option pass-through: Add send-proxy" under "Real Servers Tab". This is used for logging real IPs of those who visited my website. But when send_proxy is present as pass-through option, Letsencrypt cert (on the server, not Opnsense router) has difficulties renewing itself. It will show error "Type: connection Detail: Error getting validation data".
As soon as I turn off "Option pass-through: Add send-proxy", I can renew cert without problems. So this means, I cannot use crontab to auto renew certificate; rather, I have to turn send_proxy on and off whenever I have to renew a cert.
I was wondering if there is an automatic way of keeping send_proxy and renewal of Letsencrypt cert.
Thanks.
«
Last Edit: February 05, 2019, 07:29:58 pm by abij
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.1 Legacy Series
»
Renew Letsencrypt cert on server behind Opnsense router (haproxy w/ send_proxy)