Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Haproxy cloudflare issues

    Cache/Proxy
    haproxy ssl cloudflare nginx web server
    1
    1
    570
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      GameHoundsDev
      last edited by

      Here is details about my network setup:

      Cloudflare, SSL Strict > PFSense HaProxy > ProxmoxVM > Server > Nginx > Port 80 website

      I am getting a error: ERR_SSL_VERSION_OR_CIPHER_MISMATCH when ever it try to access https://thetechnologystudio.com/

      Ha-Proxy Settings:
      General Settings:
      Maximum Connections: 256
      Internal Stats Port: 2200
      Remote syslog host: /var/run/log
      Max SSL Diffie-Hellman size: 2048
      Custom Options: Empty no data

      Front end:
      Name: thetechnologystudio.com
      External address:

      Listen Address: WAN address (IPv4)
      Port: 443
      SSL Offloading: Checked

      Type: http / https(offloading)
      ACL
      name: TTSMainLinux
      Expression: Host matches:
      cs: no
      Not: no
      Value: thetechnologystudio.com

      Actions:
      Conditional acl names: TTSMainLinux
      backend: TTSMainLinux

      SSL Offloading
      Certificate: tts-certs
      Add ACL for certificate CommonName. (host header matches the "CN" of the certificate): not checked
      Add ACL for certificate Subject Alternative Names: Checked

      Backend:
      name: TTSMainLinux

      Server List
      Mode: active
      name: thetechnologystudio.com
      forwardto: address+port
      address: 192.168.1.5
      port: 80
      Encrypt(SSL): no
      SSL checks: no

      CA: Acmecert: O=Let's Encrypt,
      Client Certificate: tts-certs (CA: acmecert: ....

      Nginx Site Config:

      server {
	listen 80;
	listen [::]:80;
	
      server_name thetechnologystudio.com;
      root /var/www/html/test;
	  index index.php index.html index.htm index.nginx-debian.html;
		
	location / {
		try_files $uri $uri/ =404;
    if ($request_method = OPTIONS ) {
        add_header Access-Control-Allow-Origin "https://thetechnologystudio.com";
        add_header Access-Control-Allow-Methods "GET, OPTIONS";
        add_header Access-Control-Allow-Headers "Authorization";
        add_header Access-Control-Allow-Credentials "true";
        add_header Content-Length 0;
        add_header Content-Type text/plain;
        return 200;
    }
	}
   
	location ~ \.php$ {
		include snippets/fastcgi-php.conf;

		# Nginx php-fpm sock config:
		fastcgi_pass unix:/run/php/php8.1-fpm.sock;
		# Nginx php-cgi config :
		# Nginx PHP fastcgi_pass 127.0.0.1:9000;
	}
  
	location ~ /\.ht {
		deny all;
	}
}

      Webpage:
      index.php

      <?php
  phpinfo();
?>

      Let me know if theres anything else that you need to assist me in diagnosing and fixing this issue.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post