If you're looking to configure HAProxy for a virtual host with SSL support, you're in the right place. In this guide, we'll walk you through the necessary HAProxy configuration for setting up SSL for your virtual host.
Before configuring HAProxy, you'll need to set up your SSL certificate. Here's an example of how to combine your SSL certificate and private key into a PEM file:
cat example.crt example.key > /etc/ssl/private/example.pem
Replace example.crt and example.key with the actual filenames of your certificate and key files, and ensure the output file path is correct.
Here's a sample HAProxy configuration for a virtual host with SSL support:
frontend web.demo.com
bind 10.0.0.1:80
bind 10.0.0.1:443 ssl crt /etc/ssl/private/example.pem alpn http/1.1,h2
mode http
http-request redirect scheme https code 301 unless { ssl_fc }
acl web.demo.com_ssl ssl_fc_sni -i web.demo.com
use_backend web.demo.com if web.demo.com_ssl
option forwardfor header X-Real-IP
http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"
backend web.demo.com
balance roundrobin #static-rr leastconn first source uri url_param hdr rdp-cookie
server web1 10.0.0.2:80 check
server web2 10.0.0.3:80 check
Make sure to replace the placeholders with your specific configuration details.
You can enable the HAProxy Web Control Panel using the following configuration:
# Enable HAProxy Web Control Panel
listen stats
bind 10.0.0.1:8987
mode http
stats enable
stats uri /haproxy_stats
stats realm HAProxy\ Statistics
stats auth admin:securepassword
stats admin if TRUE
You can check your HAProxy configuration using the following command:
haproxy -c -f /etc/haproxy/haproxy.cfg
If you found this configuration helpful, consider supporting us:
Buy Me a Coffee