Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HAProxy ACL impossible to confirm config

    HA/CARP/VIPs
    1
    2
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      Enyalios
      last edited by

      Hey Dude,

      I want to use HA-Proxy for Cert transfer. How ever, i used it in past for my hosts and their Sub-domain. So every Subdomain has an ACL by TLS extension to get the right Server. All done, all fine. Long time i haven´t to change any thing. But now, new entries looks like "good luck". Wenn i create a new ACL there are only 8 expressions.

      5x TLS
      Source IP...
      Mini. count ...
      custom acl

      So i create a new with one of the TLS expressions and all will done well, but i dont need a new TLS Expression. I need a small part from the path called ".well-known". But this option is only availible if i save the TLS expressions - save changes - confirm changes - and all is fine for now. (By the way Actions was add too.)

      Then! I try to check the Expressions after create the new ACL and hollyhand whats happen now i have access to the whole expressions from "path..." over "host" and so on ... but when i change the expression like i need: i tried "path contains" "well-known"- save - confirm - and get:

      parsing [/var/etc/haproxy_test/haproxy.cfg:71] : error detected while parsing switching rule : no such ACL : 'ACL_Cert_update'.
      parsing [/var/etc/haproxy_test/haproxy.cfg:79] : error detected while parsing switching rule : no such ACL : 'ACL_Cert_update'.

      if i go now into the menu the ACL is deleted completely. Is this a big Bug ? Why there are for the first time i add an ACL only so few expressions?

      I hope someone got the same and solved the problem. I dont know what happen.

      Thx for your help!
      Maik

      E 1 Reply Last reply Reply Quote 0
      • E
        Enyalios @Enyalios
        last edited by

        Ok i found bug A) i have choose TYP = ssl / https(TCP mode) .... thats the reason i got only the TLS options etc. But if i create this ACL - save - confirm - go back - try to change the option again there are all the other options availible which shouldn´t be chooseable. Thats why this Rule will be delete after - save - confirm - but without any error.

        How ever this way is to buggy and cost to much time. I got an other way to get my wildcard domain certs now on a much easier way then befor using my hosting provider and their api (Hetzner).

        Thx for read anyway.

        bye Maik

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.