I am running HAProxy as a reverse proxy in HTTP / HTTPS (SSL offloading) mode using Let’s Encrypt ACME on OPNsense.
Everything is working fine and I am right now fine tuning my setup.
The only thing left to do is to get OCSP stapling to work!
My certificate already contains the OCSP Must Staple extension.
How do I proceed from here on?
I had a look at all the HAProxy settings but couldn’t really figure out how to set up OCSP stapling.