Get HaProxy, multiple SSL domains and firewall work together

7fe1c295 · jurgenhaas · 9408d279 · 7fe1c295 · 7fe1c295
Commit 7fe1c295 authored 9 years ago by jurgenhaas
--- a/README.md
+++ b/README.md
+#HaProxy#
+
+##Instruction to prepare a certificate file##
+
+For HaProxy to terminate SSL requests we require a single PEM file with all certificate components chained together.
+
+The seqeuence of those compoenents is this:
+
+- Private Key, e.g. example.com.key.pem
+- Domain Certficate, e.g. example.com.crt.pem
+- Intermediate Certificate, e.g. example.com.ca.crt.pem
--- a/templates/haproxy_cfg
+++ b/templates/haproxy_cfg
@@ -61,9 +61,9 @@ frontend http-in
  acl redirect_ssl_{{host}} hdr_dom(host) -i -f /etc/haproxy/{{host}}.ssl.list
  use_backend backend_redirect_ssl if redirect_ssl_{{host}}
 {% endfor %}
-
 {% for cert in proxy_certificates %}
-frontend https-in
+
+frontend https-in-{{ cert.ip }}
  bind {{ cert.ip }}:443 ssl crt /etc/haproxy/certs/{{ cert.file }} no-sslv3
  acl blockedip src  -i -f /etc/haproxy/blacklist
  http-request deny if blockedip