Youtor
How to create a PEM file for HAProxy Configure SSL Certificate
>> YOUR LINK HERE: ___ http://youtube.com/watch?v=Kj0w3eK6MKI
How to create a PEM file for HAProxy Configure SSL Certificate • http://fosshelp.blogspot.in/2016/11/h... • 1 • Generate a unique private key KEY • $sudo openssl genrsa -out mydomain.key 2048 • Note: • Content in this file start with ----BEGIN RSA PRIVATE KEY---- • 2 • Generating a Certificate Signing Request CSR • $sudo openssl req -new -key mydomain.key -out mydomain.csr • Note: • Content in this file start with ----BEGIN CERTIFICATE REQUEST---- • 3 • Creating a Self-Signed Certificate CRT • $openssl x509 -req -days 365 -in mydomain.csr -signkey mydomain.key -out mydomain.crt • Note: • Content in this file start with ----BEGIN CERTIFICATE---- • 4 • Append KEY and CRT to mydomain.pem • $sudo bash -c 'cat mydomain.key mydomain.crt /etc/ssl/private/mydomain.pem' • Note: • This pem file contains 2 sections certificates, one start with ----BEGIN RSA PRIVATE KEY---- and another one start with ----BEGIN CERTIFICATE---- • 5 • Specify PEM in haproxy config • $ sudo vim /etc/haproxy/haproxy.cfg • listen haproxy • bind 0.0.0.0:443 ssl crt /etc/ssl/private/mydomain.pem • mode http • option http-server-close • option forwardfor • reqadd X-Forwarded-Proto:\\ https • reqadd X-Forwarded-Port:\\ 443 • option forwardfor if-none • balance roundrobin • option abortonclose • server 192.168.100.224 192.168.100.224:1443 check inter 10s rise 2 fall 3 ssl verify none • 6 • Restart haproxy • $ sudo service haproxy restart
#############################
