SSL certs handling and HAproxy
-
What's the chances?
-
You are accessing that via the proxy?
-
@stephenw10 said in SSL certs handling and HAproxy:
You are accessing that via the proxy?
I was searching Google which gave a link to these forums and this is what I got, repeatedly.
When we forward a domain, we typically maintain the old domain's cert also, just for this reason. -
@lewis
must be an old entry because the forum is forum.netgate.com and not forum.pfsense.com
or they forgot to add the DNS
-
Oh well spotted! Yeah that's just an old link.
-
I wish I could figure this thing out. I very badly need a cache server for all of the web sites on the back end.
I appreciate the help you've all provided. -
And today, another random thing happens on pfsense which I'm sure no dev will say 'oh ya, we're working on that one' to.
When I created my first acme cert and generated it, it should the dates of the cert start/end in Last renewed.
Today, I create a new cert, generate it and see nothing, just 'Issued Certificate Dates;' and nothing. -
You have a screenshot?
-
-
In the end, the point is to have two new things;
1: varnish server to handle caching
2: fixing the haproxy configuration so that it's actually load balancing those web servers.
That was an interesting find. I don't know how pfsense was sending traffic to the web servers without haproxy actually working.
Maybe it automatically round robins since the servers are listed in an alias?
