Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HAProxy and (purchased) wildcard cert?

    Scheduled Pinned Locked Moved
    Cache/Proxy
    1
    2
    441
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DonZalmrol
      last edited by DonZalmrol

      Hi,

      I'm trying to get my HAProxy working with my wildcard cert e.g. *.mydomain.com for two servers.
      Server 1 is an Exchange + IIS server and server 2 is a NextCloud server.

      When I go server 1 over my WAN it works without any issues and I can even access the other SNI's that host some small sites (same wildcard and even Let's Encrypt). When I go to server 2 I get a "503 Service Unavailable" error message from the HAProxy.

      e.g.:

      • mail.mydomain.com = works
      • cloud.mydomain.com = does not work
      • site1.contoso.com = works
      • site2.acme.com = works

      How can I make my HAProxy work with multiple SNI's (that are in the backend on different servers) use the same cert?

      Many thanks!

      D 1 Reply Last reply Reply Quote 0
      • D
        DonZalmrol @DonZalmrol
        last edited by DonZalmrol

        Solved!

        Found the issue, apparently the health check settings in the backend configuration was the "culprit".
        The default setting is HTTPS check and changed it to a basic (socket) check.

        So it had nothing to do with my cert or HAProxy configuration itself (beside the health check setting).

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.