haproxy error trying to set up SSL client cert auth "no such ACL: aclsystem_ssl_c_used"
nuclearstrength
I'm trying to set up client authentication via SSL client certificates with an internal CA created in pfSense with self-signed certs, which have been installed in the browser, both the CA and the client cert.
SSL auth via certificate on the frontend is actually working: I have been asked for the certificate by the haproxy frontend and it has been recognized.
The backend is just a forward to an HTTP service on a machine over a VPN. I configured no other ACL on the backend, as I consider having the user SSL cert enough for accessing this service.
I get a 503 with this setup.
If I set up an ACL on the backend as well, with "SSL Client certificate valid", I get this error:
[ALERT] 239/060824 (16900) : parsing [/var/etc/haproxy_test/haproxy.cfg:84] : error detected while parsing switching rule : no such ACL : 'aclsystem_ssl_c_used'.
[ALERT] 239/060824 (16900) : Error(s) found in configuration file : /var/etc/haproxy_test/haproxy.cfg
[ALERT] 239/060824 (16900) : Fatal errors found in configuration.
aclsystem_ssl_c_used is an error that is mentioned only in the pfSense haproxy package on the internet, here
What am I doing wrong? It seems like I shouldn't put the "SSL client certificate valid" on the backend as well as the frontend since it's already used, at least that's what I get from the name; I can't understand that code. But I want to authenticate users on the haproxy frontend and I need no other form of authentication or ACL besides that. How do I get that set up?
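A pre-flight check for the alert quoted above, as an added example that is not part of the original post or of the pfSense package: HAProxy resolves a named ACL only from `acl` lines that appear earlier in the same proxy section, so this script lists every `if`/`unless` rule that names an ACL with no such declaration. The configuration text, addresses, file paths and the names `fe_broken`, `fe_declared` and `be_app` are constructed for illustration, and `undefined_acl_refs` is a hypothetical helper.

```python
# Added example: find "no such ACL" candidates before HAProxy loads the file.
PREDEFINED = {"TRUE", "FALSE", "HTTP", "LOCALHOST", "METH_GET", "METH_POST"}  # subset
PROXIES = ("frontend", "backend", "listen")
SECTIONS = PROXIES + ("global", "defaults", "userlist", "peers", "resolvers")

def undefined_acl_refs(cfg_text):
    """Return (line_no, section, acl_name) for every named ACL used after
    if/unless without an earlier "acl" line in the same proxy section."""
    findings, declared, section = [], set(), None
    for line_no, raw in enumerate(cfg_text.splitlines(), 1):
        words = raw.split("#", 1)[0].split()  # naive comment stripping
        if not words:
            continue
        if words[0] in SECTIONS:  # each section starts with an empty ACL namespace
            section = " ".join(words[:2]) if words[0] in PROXIES else None
            declared = set()
            continue
        if section is None:
            continue
        if words[0] == "acl" and len(words) > 1:
            declared.add(words[1])
            continue
        start = next((i for i, w in enumerate(words) if i and w in ("if", "unless")), None)
        if start is None:
            continue
        depth = 0  # greater than 0 while inside an anonymous "{ ... }" ACL
        for tok in words[start + 1:]:
            name = tok.lstrip("!")  # drop negation
            if name == "{":
                depth += 1
            elif name == "}":
                depth -= 1
            elif depth == 0 and name not in ("", "or", "||") and name not in declared | PREDEFINED:
                findings.append((line_no, section, name))
    return findings

# Constructed configuration: fe_broken uses the ACL without declaring it.
SAMPLE_CFG = """\
frontend fe_broken
    bind 192.0.2.10:443 ssl crt /example/server.pem ca-file /example/ca.pem verify required
    use_backend be_app if aclsystem_ssl_c_used
frontend fe_declared
    bind 192.0.2.11:443 ssl crt /example/server.pem ca-file /example/ca.pem verify required
    acl aclsystem_ssl_c_used ssl_c_used
    use_backend be_app if aclsystem_ssl_c_used !{ src 198.51.100.7 } || TRUE
backend be_app
    server app1 10.0.0.5:80
"""

if __name__ == "__main__":
    for line_no, section, name in undefined_acl_refs(SAMPLE_CFG):
        print(f"line {line_no} ({section}): no such ACL '{name}'")
```

Running `haproxy -c -f <file>` remains the authoritative check; the script only narrows down which section is missing the declaration.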