HAProxy and Intermediate SSL Certificate Issue

amazon-web-services ssl ubuntu haproxy

Solution 1:

Correct order to include intermediate certificates:

-----BEGIN PRIVATE KEY----- [Your private key] -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- [Your certificate] -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- [Intermidate#1 certificate] -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- [Intermidate#2 certificate] -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- [Root certificate] -----END CERTIFICATE-----

awk 1 ORS='\\n' ~/your_path/cert.pem

copy string

and paste to docker-compose.yml like that:

proxy: image: tutum/haproxy ports: - "80:80" - "443:443" environment: - "DEFAULT_SSL_CERT=-----BEGIN PRIVATE KEY-----\nMIIEvQIBADA......" links: - webapp

It's work for me.

Solution 2:

FWIW, I managed to get to the bottom of this. The issue was the delimiters I had used for the various certificates in my .pem file.

The delimiter has to be exactly -----BEGIN/END CERTIFICATE----- - no "INTERMEDIATE" or "ROOT" or any of that.

Also, the working .pem for HAProxy includes all of the intermediate and root certificates in my chain - it seemed to be the only way to get them to all pick up.

Related

cmd - run a batch file after all other concurrent batch files finish
apply calico manifest through ansible kubernetes core module
Korean Characters in Outlook lose their encoding
Why is Mac OS X Lion Apache DocumentRoot /usr/htdocs?
How can I stop JavaScript from modifying the clipboard?
Google Drive with proxy authentication
How to copy a sparse file using scp?
Is "Turn Off Windows write-cache buffer flushing" safe on a laptop?
Turn system icons (notifications) on/off resets on restart
Permanently reject Bluetooth pairing request
Math formulas in emails
How can I set a keyboard shortcut to switch between Excel tabs?