Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    haproxy with acme not pointing to subdomains

    Scheduled Pinned Locked Moved Cache/Proxy
    4 Posts 2 Posters 686 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      pintu1228
      last edited by

      Hi, so I have set up my haproxy with acme (let's encrypt) certificates. I am having a weird issue I can't figure out. So I have used this guide (https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=11&cad=rja&uact=8&ved=2ahUKEwig_N_jvYXmAhUMEawKHf2iBQsQFjAKegQIAxAB&url=http%3A%2F%2Fblog.devita.co%2Fpfsense-to-proxy-traffic-for-websites-using-pfsense%2F&usg=AOvVaw1QqA_ldWqp1TwzXdsRbX2p) to setup haproxy for my services (plex, nextcloud, sonarr, radarr, nzbget).

      Issue: only my nextcloud.domain.com works but the other subdomain work initally and then if I were to restart my proxmox server (which run these services) I cannot connect anymore to any of them.

      plex.domain.com doesn't work at all, is there some sort of steps I need to follow?

      I had it all working using nginx on docker under unraid but since moving to haproxy on pfsense router, its broken.

      Any help would be great.

      dragoangelD 1 Reply Last reply Reply Quote 0
      • dragoangelD
        dragoangel @pintu1228
        last edited by dragoangel

        @pintu1228 more info needed. Not working is not description of status. Status is: hanging to connect, 502,503, etc. And more over: why you not put here configs or PrtScr of your main/front/backend configs? And even more: based on you backend apps haproxy must be configured sometimes specially for them.

        Latest stable pfSense on 2x XG-7100 and 1x Intel Xeon Server, running mutiWAN, he.net IPv6, pfBlockerNG-devel, HAProxy-devel, Syslog-ng, Zabbix-agent, OpenVPN, IPsec site-to-site, DNS-over-TLS...
        Unifi AP-AC-LR with EAP RADIUS, US-24

        1 Reply Last reply Reply Quote 0
        • P
          pintu1228
          last edited by

          So I managed to get it working partially, I can get to my services (nextcloud.domain.com, etc) except for plex.domain.com. I accidentally used the testing let's encrypt certs so everytime I go to nextcloud.domain.com it shows the "Fake LE Intermediate X1" cert being used. I tried to use the one for production and regenerate my certs but it doesn't seem to overwrite the test certs.

          Is there a way to fix this issue? Is there something special that needs to be done to get plex to work with my domain?

          Thanks

          dragoangelD 1 Reply Last reply Reply Quote 0
          • dragoangelD
            dragoangel @pintu1228
            last edited by

            @pintu1228 no special. Use corect ACL, action and create backend. What you mean special? This even not websocket.
            Acme will newer overwrite another cert with same Common Name. You need remove previous incorrect certificate from certificate manager and after it run get cert again.

            Latest stable pfSense on 2x XG-7100 and 1x Intel Xeon Server, running mutiWAN, he.net IPv6, pfBlockerNG-devel, HAProxy-devel, Syslog-ng, Zabbix-agent, OpenVPN, IPsec site-to-site, DNS-over-TLS...
            Unifi AP-AC-LR with EAP RADIUS, US-24

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.