Figured out my issue. I was doing something really stupid. Make sure if you’re using conf.d/, you name your file .cfg instead of .conf.
All is well.

-jeremy

> On Sunday, Jan 29, 2023 at 9:26 PM, Me <jer...@skidrow.la
> (mailto:jer...@skidrow.la)> wrote:
> Scenario is a firewall host running HAProxy trying to map to an internal web
> server. The web server is configured for SSL with a Let’s Encrypt certificate
> using the external name with a DNS entry pointing to the routable IP of the
> firewall/HAProxy host. Internal name for the website is different than the
> external name. I’m either trying to do passthrough SSL via HAProxy or
> whatever makes more sense.
>
> WORLD -> SSL -> (www.website.com on routable IP) HAProxy -> (web.stuff.intra
> on internal IP) internal host
>
> I’m sure this is probably the scenario a million people use but after trying
> very many examples from searches, I’m still unable to get this to function
> properly.
>
> Example configuration:
>
> frontend localhost
>     bind 66.66.66.66:443
>     option tcplog
>     mode tcp
>     default_backend nodes
>
> backend nodes
>     mode tcp
>     balance roundrobin
>     option ssl-hello-chk
>     server web01 192.168.10.30:443 check
>
> Basically lifted from
> https://serversforhackers.com/c/using-ssl-certificates-with-haproxy
>
> I’m very new to HAProxy and while I’ve heard of it for years, I never got
> around to playing with it.
>
> Basically the results of this config tell me the site is unreachable. I’m not
> sure exactly how to debug to figure out where the breakdown is.
>
> Any tips are much appreciated.
>
> -jeremy
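
The naming problem described in the reply can be checked mechanically. When HAProxy is given a directory with -f, it loads only regular, non-hidden files ending in .cfg, in C-locale lexical order, and skips everything else without an error. The script below is an added example, not part of the original thread; the function names are hypothetical, and the directory you pass (for instance a conf.d/ under your HAProxy configuration path) is an assumption about your setup.

```shell
#!/bin/sh
# Added example: show which files in an HAProxy config directory are loaded
# and which are silently skipped when the directory is passed with -f.
# confd_loaded / confd_skipped are hypothetical helper names.

# Files HAProxy loads from DIR: regular, non-hidden, ending in .cfg,
# sorted the way HAProxy orders them (LC_COLLATE=C).
confd_loaded() {
    dir=$1
    for f in "$dir"/*.cfg; do
        if [ -f "$f" ]; then basename "$f"; fi
    done | LC_ALL=C sort
}

# Regular files in DIR that HAProxy ignores, with the reason.
confd_skipped() {
    dir=$1
    for f in "$dir"/* "$dir"/.[!.]*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        case $name in
            .*)    echo "$name (hidden)" ;;
            *.cfg) ;;   # loaded, not skipped
            *)     echo "$name (extension is not .cfg)" ;;
        esac
    done | LC_ALL=C sort
}

# Stand-alone use: sh check-confd.sh DIR
if [ "$#" -gt 0 ]; then
    echo "Loaded, in order:";  confd_loaded "$1"
    echo "Skipped:";           confd_skipped "$1"
    # If haproxy is installed, also validate what it actually parses.
    if command -v haproxy >/dev/null 2>&1; then
        haproxy -c -f "$1"
    fi
fi
```

A frontend or backend that lives only in a skipped file never exists as far as the running proxy is concerned, which matches the "site is unreachable" symptom with no parse error.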