HAProxy Client Certificate authentication stops working after a while

sensewolf · Oct 4, 2023, 4:05 PM

Hi,

So I have managed to setup client certificate authentication with HAProxy in pfSense. When I browse to a protected site, my browser asks me for the certificate (and suggests the (only) installed one). After presenting the certificate to the site (HAProxy), the site is displayed in my browser. So far so good.

However, I have noticed that after about a day this does no longer work. When I present the certificate to the site (HAProxy), it is rejected ("bad cert").

Now, when I restart HAProxy from the GUI, it immediately works again. So it seems that somethings stops working in HAProxy after some time.

Has anyone encountered this before? Is there a solution (other than restarting HAProxy daily)?

(I'm on the most recent version of pfSense (2.7) and haproxy is version 0.61_11)

Thanks!

sensewolf · Oct 4, 2023, 4:05 PM

Well, I am mitigating this issue by restarting HAProxy once every day.

If anyone knows how to actually resolve the problem, I am all ears.

Thanks!

sensewolf · Nov 12, 2023, 6:21 PM

Still noone?