Hi Simos, The workaround is to have a default (fake) certificat in first and use « strict-sni » parameter.
Manu > Le 22 mai 2017 à 10:28, Simos Xenitellis <[email protected]> a écrit > : > > Hi All, > > I am trying to automate some tasks with adding multiple https > (LetsEncrypt) websites, > and using HAProxy as a TLS Termination Proxy. > > The problem is that when you start off with an empty server, there are > no certificates yet, > and it is not possible to have "bind *:443 ssl crt > /etc/haproxy/certs/..." in haproxy.cfg. > > LetsEncrypt can work with http, so it could easily use the "bind *:80" > front-end in the beginning. > > Is there a way to express "If no certificates are found in > /etc/haproxy/certs/, then do not bind *:443"? > > Simos >
