Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HAProxy, IIS and Let's Encrypt

    Cache/Proxy
    1
    2
    1.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      geocast
      last edited by

      Hello everyone

      I'm trying to setup pfsense (newest version) with HAProxy as SSL Passthrough Proxy to an IIS Server with an Let's Encrypt certificate.

      So I've setup the front end as in the attached image.

      The backend is configured with two entries

      mode: active
      foward-to: address+port
      adress: IP of Server
      Port: 443
      SSL: yes

      and it has a second entry with all the same, except Port ist 80 und SSL no

      The forward from http to https is setup on IIS itself and it seems to work, as it gets changed into https when you go to that address.

      But on https it is not working. In chrome I get an error saying: ERR_SSL_PROTOCOL_ERROR

      Have I setup anything wrong, or am I missing something. If I use normal NAT to IIS it works fine.

      Thanks

      front-end.png
      front-end.png_thumb

      1 Reply Last reply Reply Quote 0
      • G
        geocast
        last edited by

        For anybody who would have the same problems. I had the website already running for a while over NAT before it was changed to HAProxy. I let let's encrypt create new Certificates and changed the forwarding (http to https) to HAProxy, not the IIS anymore. Now it's working.

        Clear your cache before you try though!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.