“You talking to me?” Taxi Driver, 1976

HaProxy Certificate Reminder

[vc_row][vc_column width=”1/1″][vc_column_text]

This is a note for myself on the order that the SSL cert info needs to be stored in a PEM file for Haproxy.

-----BEGIN MY CERTIFICATE-----
-----END MY CERTIFICATE-----
-----BEGIN INTERMEDIATE CERTIFICATE-----
-----END INTERMEDIATE CERTIFICATE-----
-----BEGIN INTERMEDIATE CERTIFICATE-----
-----END INTERMEDIATE CERTIFICATE-----
-----BEGIN ROOT CERTIFICATE-----
-----END ROOT CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----

So for how I normally do things :

cat ./cert/{domain}.crt > ~/{domain}.pem; cat ./crt/{cafile1}.ca >> ~/{domain}.pem; cat ./crt/{cafile2}.crt >> ~/{domain}.pem; cat ./key/{domain.key} >> ~/{domain}.pem;

And then in haproxy config : 

bind {ip}:443 ssl crt /path/to/cert/domain.pem

[/vc_column_text][/vc_column][/vc_row]