
How do I get docker cloud (formerly tutum) and haproxy to use SSL?

Tags: ssl, haproxy

I just purchased an SSL Certificate. It came with 1 server certificate, 1 intermediate certificate and 1 root certificate.

I have my *.csr file and *.key used to create the certificates.

I am using Tutum with HAProxy and there is an SSL_CERT environment variable. I read the documentation but could not get it to work properly. How do I set this SSL_CERT environment variable?

ericraio asked Feb 09 '15 05:02



1 Answer

I am the maintainer of the tutum/haproxy image. To use SSL_CERT, you need a file containing both your public certificate (your.crt) and private key (your.key). You can do as follows:

    cp your.key cert.pem
    cat your.crt >> cert.pem

Then, you can run:

    awk 1 ORS='\\n' ~/cert.pem

Copy the output to SSL_CERT

Done

hfeng answered Oct 05 '22 07:10
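As an added example (not part of hfeng's answer or the tutum/haproxy project), the shell script below checks the structure of the combined PEM and round-trips the `\n`-escaped value before it is pasted into SSL_CERT. The function names and the placeholder PEM bodies are constructed for illustration; the check is structural only and does not verify that the key belongs to the certificate.

```shell
#!/bin/sh
# Added example. PEM bodies below are constructed placeholders, not real keys.

# Encode a PEM file as one line with literal "\n" separators (the awk call above).
pem_to_env() { awk 1 ORS='\\n' "$1"; }

# Reverse the encoding so the value can be inspected before it is deployed.
env_to_pem() { printf '%s' "$1" | awk '{ gsub(/\\n/, "\n"); printf "%s", $0 }'; }

# Structural check only: exactly one private key, at least one certificate, and
# every BEGIN/END marker alone on its line. This catches a key file that lacks a
# trailing newline, which makes cat glue two markers onto one line.
check_bundle() {
    keys=$(grep -c -- '^-----BEGIN [A-Z ]*PRIVATE KEY-----$' "$1" || true)
    certs=$(grep -c -- '^-----BEGIN CERTIFICATE-----$' "$1" || true)
    begins=$(grep -c -- '-----BEGIN ' "$1" || true)
    ends=$(grep -c -- '^-----END [A-Z ]*-----$' "$1" || true)
    [ "$keys" -eq 1 ] && [ "$certs" -ge 1 ] &&
        [ "$begins" -eq "$ends" ] && [ "$begins" -eq $((keys + certs)) ]
}

demo() {
    d=$(mktemp -d)
    printf '%s\n' '-----BEGIN PRIVATE KEY-----' 'Q09OU1RSVUNURUQta2V5' \
        '-----END PRIVATE KEY-----' > "$d/your.key"
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'Q09OU1RSVUNURUQtY3J0' \
        '-----END CERTIFICATE-----' > "$d/your.crt"
    (umask 077; cat "$d/your.key" "$d/your.crt" > "$d/cert.pem")
    if check_bundle "$d/cert.pem"; then
        value=$(pem_to_env "$d/cert.pem")
        env_to_pem "$value" > "$d/decoded.pem"
        cmp -s "$d/cert.pem" "$d/decoded.pem" && echo "round trip OK (${#value} chars)"
    else
        echo "cert.pem is malformed; not encoding it" >&2
    fi
    rm -rf "$d"
}
demo
```

The encoded value contains the private key, so it is readable by anything that can read the container's environment or service definition.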