HAProxy Unable to configure client certs for mTLS Backend app

ritesh-kumar · April 27, 2021, 4:22am

Hello everyone,

I am doing HA Proxy setup, where our back-end application is configured for mTLS. I am having client certificates and key required for mTLS authentication with back-end application servers but being new to ha-proxy I am unable to find how to configure it.

OS: Amazon-Linux-2
Ha Proxy: version 1.5.18 2016/05/10

If possible we would like to hard code the client certificate and key to make every call to backend server to have client CERTS automatically.

HA-Proxy config

frontend http443
    bind                    *:443
    mode                    tcp
    option                  tcplog
    default_backend         app_servers_443

backend app_servers_443
    balance                 roundrobin
    mode                    tcp
    timeout                 check 10s
    option                  ssl-hello-chk
    server                  app_server  192.168.1.45:443    check inter 30s fall 3 rise 3

Thank you.

Topic		Replies	Views
How to configure HAproxy for a certificate authentication Help!	1	2383	October 13, 2022
Is this possible - HAProxy 2 Way SSL - Cert Auth Reverse Proxy Help!	4	5470	January 10, 2019
HAProxy proxy protocol Help!	10	2971	March 31, 2021
Help with SSL config with 1 root cert but mutiple subdomains listening on port 443 Help!	18	1066	July 17, 2020
MQTT, mTLS & Private CA Help!	0	187	June 25, 2024

HAProxy Unable to configure client certs for mTLS Backend app

Related topics