SSL Configuration for HAProxy 1.6.12


#1

Hi,
I need an assistance to configure the SSL properly in HAProxy 1.6.12, I am aiming to use HTTPS between browser and HAProxy, from HAProxy to backend, it will be HTTP. I loaded the public CA certificate from entrust successfully, I can see the application login page via https, howvere, when trying to login, its says “page cannot be displayed”, I am not sure if all the required configuration parameters related SSL are made in config file.

Appreciate you help on this? is there any detailed procedure to configure SSL in HAProxy.

global
maxconn 2000
chroot /etc/haproxy
tune.ssl.default-dh-param 2048
ssl-default-bind-ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
ssl-default-bind-options no-sslv3 force-tlsv12

ssl-server-verify none

ssl-server-verify required
quiet

listen http_proxy
bind :44370 # HAProxy Listen Port
bind :44374 ssl crt /etc/haproxy/certs/sss.starhubsg.sh.pem
reqadd X-Forwarded-Proto:\ https
server server1 :8000

Regards,
Vel