HAProxy applying same cert to all domains
-
First asked over on the HAProxy side https://discourse.haproxy.org/t/haproxy-not-routing-to-backend-if-different-domain-is-used/8904
Sounds like it's possible but I'm not sure how to replicate the requested/required config within the HAProxy UI on PFSense, messed around a bunch and still not getting there. -
@colinstu
It's not really clear to me, what's your problem.
From your topic it seems you was not able to add multiple SSL cert to a frontend. This can be easily done in an SSL offloading frontend at "Additional certificates".Your post in the HAproxy forum lead me to suspect you want to forward different domains from one frontend to different backend servers.
This can be achieved with an "host matches" ACL in an http frontend.Maybe you can give some more details on your issue.
-
@viragomann
Ok, so I setup the additional certificate, and I checked on the box for "Add ACL for certificate CommonName". Now when I hit the url, the correct cert is being served up, but I'm still getting a 503 error.I have the host matches ACL entries setup within the frontend already.
-
@colinstu Edit: Huh, after also checking on "Add ACL for certificate Subject Alternative Names." for the alt cert, it now works!