Configuring HAProxy

If you're looking to configure HAProxy for a virtual host with SSL support, you're in the right place. In this guide, we'll walk you through the necessary HAProxy configuration for setting up SSL for your virtual host.

SSL Certificate Setup

Before configuring HAProxy, you'll need to set up your SSL certificate. Here's an example of how to combine your SSL certificate and private key into a PEM file:

cat example.crt example.key > /etc/ssl/private/example.pem

Replace example.crt and example.key with the actual filenames of your certificate and key files, and ensure the output file path is correct.

HAProxy Configuration

Here's a sample HAProxy configuration for a virtual host with SSL support:

    bind ssl crt /etc/ssl/private/example.pem alpn http/1.1,h2
    mode http
    http-request redirect scheme https code 301 unless { ssl_fc }
    acl web.demo.com_ssl ssl_fc_sni -i
    use_backend if web.demo.com_ssl
    option forwardfor header X-Real-IP
    http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"

    balance roundrobin #static-rr  leastconn first source uri url_param hdr rdp-cookie
    server web1 check
    server web2 check

Make sure to replace the placeholders with your specific configuration details.

Enable HAProxy Web Control Panel

You can enable the HAProxy Web Control Panel using the following configuration:

# Enable HAProxy Web Control Panel
listen stats
    mode http
    stats enable
    stats uri /haproxy_stats
    stats realm HAProxy\ Statistics
    stats auth admin:securepassword
    stats admin if TRUE

Check HAProxy Configuration

You can check your HAProxy configuration using the following command:

haproxy -c -f /etc/haproxy/haproxy.cfg

If you found this configuration helpful, consider supporting us:

Buy Me a Coffee