HaProxy SSL offloading with multiple certificates



  • I have HaProxy setup for SSL Offloading and with one SSl certificate it works great. The problem is I have multiple domains each with it's own certificate. For example I have abc.com and xyz.com and I only see the ability to add one certificate (see image item 1). if I add the second certificate ( see image Item 2) Haproxy does not seem to recognize the second certificate for the second domain.

    I have added both certificates in the Additional certificates table (see image Item 2) but I must be missing a step since it only uses the Certificate I entered in the certificate field ( see image Item 1)

    Any help would be appreciated.

    Thanks
    sslhaproxy.jpg



  • @cjbujold said in HaProxy SSL offloading with multiple certificates:

    have HaProxy setup for SSL Offloading and with one SSl certificate it works great. The problem is I have multiple domains each with it's own certificate.

    You need use shared frontend if you have one public IP for multiply SSL certificates. This will require from client support of SNI but this not an issue in 2020.
    Your default frontend can be without backend and all shared backends use host ACLs rules (or other ACLs) to forward your requests to correct backends. That is all.


Log in to reply