Let's Encrypt with HAProxy setup and renewal
I have been running HAProxy for HTTP and HTTPS without any issues. I have been trying to set up Let's Encrypt and I have not been very successful. I am looking to have the renewal automated using certbot. Could anyone assist? I will give the successful detailed solution £50.
I can give you only a hint until someone else answers your question better. I don't use HAProxy inside pfSense.
In this example, requests from Let's Encrypt will be redirected to port 12345, where certbot is listening, bypassing the default behavior.
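# in the frontend
acl letsencrypt-acl path_beg /.well-known/acme-challenge/
use_backend letsencrypt-bk if letsencrypt-acl
# in the backend letsencrypt-bk
server letsencrypt ipserverweb:12345
# on the web server; the challenge path above is HTTP-01, so set the HTTP-01 port
sudo certbot renew --http-01-port 12345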
@kiokoman Thanks for the pointer.
Where I am getting lost is that I would like to use multiple web servers with HTTPS on, so how do I redirect each renewal request to the correct server?
I think you have two options:
acl for every domain
server letsencrypt1 ipserverweb1:12345
server letsencrypt2 ipserverweb2:12345
or just use one server to generate/update the certs, and then you can scp the certs to the other servers with a script.
As I said, I don't use HAProxy, so you need to test this out.
Create backend:
Address: you put the web server IP you have
Create one for every web server you have.
Then you go to the frontend and create the ACL and action:
Pls do not PM me, I'm not helping for money. Donate it to the Netgate forum / buy a service or an appliance when you can afford it, from them / buy a new car for johnpoz / donate it to some charity.
Have a nice day.
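The "acl for every domain" option from the thread, written out as plain HAProxy configuration. This is an added example, not a config posted by anyone in the thread. The frontend name `http-in`, the hostnames `site1.example.com` and `site2.example.com`, and the backend name `normal-web-bk` are placeholders; `ipserverweb1`, `ipserverweb2` and port 12345 are taken from the posts above. In the pfSense HAProxy package the same ACLs and actions are entered on the frontend page.

```haproxy
frontend http-in
    bind *:80
    mode http

    # ACME HTTP-01 validation always requests this path over plain HTTP.
    acl letsencrypt-acl path_beg /.well-known/acme-challenge/

    # One Host ACL per domain, so each challenge reaches the server
    # whose certbot instance is renewing that name.
    acl host-site1 hdr(host) -i site1.example.com
    acl host-site2 hdr(host) -i site2.example.com

    # Refuse challenge paths for names nobody here is renewing, rather
    # than letting them fall through to the default backend.
    http-request deny if letsencrypt-acl !host-site1 !host-site2

    use_backend letsencrypt-bk1 if letsencrypt-acl host-site1
    use_backend letsencrypt-bk2 if letsencrypt-acl host-site2

    # Everything else follows the normal routing (placeholder backend,
    # defined elsewhere in the existing configuration).
    default_backend normal-web-bk

backend letsencrypt-bk1
    mode http
    # certbot on web server 1 listens on 12345 only while renewing.
    server letsencrypt1 ipserverweb1:12345

backend letsencrypt-bk2
    mode http
    server letsencrypt2 ipserverweb2:12345
```

Each web server then runs its own renewal with certbot bound to port 12345, and only the challenge path for its own hostname is exposed through the proxy.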