Question
Letsencrypt and Floating IP over HAProxy problem
- Posted October 5, 2018
- Load BalancingNetworking
Hi,
We have problem with challenge on Floating IP’s. Any help would be appreciated
Here are more info about it.
Server with HAProxy using acmetool listing on 402 as proxy. Both Public IP and Floating IP are assigned to HAProxy. On HAProxy request is proxied to 402 with acl (path_beg /.well-known/acme-challenge/ )
Public IP: 10.10.10.10 Floating IP: 20.20.20.20 (with anchor IP of 3.3.3.3)
domainA.com pointed to Public IP domainB.com pointed to Floating IP
Tests:
Both domainA.com and domainB.com is accessible on 80 and HAProxy proxies these to NGINX. So both domain is served over 80 with success.
domainA (on Public IP) SSL requests are signed with SUCCESS
domainB (on Floating IP) SSL requests are signed with FAILURE
Thanks
Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign in to Answer
I always have issue with the auto acme tools for HAProxy and NGINX, my solution has been to skip the auto tools and use the manual webroot / certbot extension as if it were behind a proxy.
https://www.digitalocean.com/community/tutorials/how-to-secure-haproxy-with-let-s-encrypt-on-ubuntu-14-04