Hello everybody. I have configured HAProxy with two Nginx servers behind it, and Let's Encrypt is installed on one of them.
HAProxy config:
```
global
    log 127.0.0.1 local2
    chroot /var/lib/haproxy
    pidfile /var/run/haproxy.pid
    maxconn 4000
    user haproxy
    group haproxy
    daemon
    tune.ssl.default-dh-param 2048
    stats socket /var/lib/haproxy/stats

# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode http
    log global
    option httplog
    option dontlognull
    option http-server-close
    option forwardfor except 127.0.0.0/8
    option redispatch
    retries 3
    timeout http-request 10s
    timeout queue 1m
    timeout connect 30s
    timeout client 30m
    timeout server 30m
    timeout http-keep-alive 10s
    timeout check 30s
    maxconn 3000
    cookie JSESSIONID prefix nocache
    option tcplog

frontend http-in
    bind *:80
    reqadd X-Forwarded-Proto:\ http
    default_backend http-servers

backend http-servers
    balance roundrobin
    server web1 10.0.5.92:80 check cookie web1
    server web2 10.0.7.127:80 check cookie web2

frontend https-in
    bind *:443
    mode tcp
    default_backend https-servers

backend https-servers
    mode tcp
    option ssl-hello-chk
    balance roundrobin
    fullconn 200
    server webssl1 10.0.5.92:443 check-ssl verify none cookie webssl1 send-proxy
    server webssl2 10.0.7.127:443 check-ssl verify none cookie webssl2 send-proxy backup

listen stats
    bind :8080
    stats enable
    stats uri /haproxy_stats
    stats auth admin:password
```
In the DNS records, all domain names are set to the public IP of this HAProxy.
But when I try to configure certificates through Let's Encrypt, I get an error “Invalid response from”. When I change the A records to the IP address of my Nginx web servers on which certbot is installed, the certificates are generated correctly. What should I do to fix this problem?