Multi-certificate SSL for HAProxy
How to configure multi-certificate SSL for HAProxy in Cloud 66
Overview
Some applications require multiple SSL certificates to function (for example if they serve multiple domains). To configure HAproxy as a termination point for multiple certificates, follow the steps below. Remember to replace placeholder (e.g. websitename
) with your own values.
This guide assumes you are familiar with Cloud 66 Toolbelt. If you aren't we have a quick guide to get you up and running.
1. Concatenate the certificate files
Run the following command on your local machine:
2. Upload them to /tmp on the server
3. Log into your HAproxy server
4. Copy the cert files from /tmp to their directory
5. Change the settings in your HAproxy config
In the UI Find the following line in your HAproxy config page:
bind 0.0.0.0:{{port[0]}} ssl crt
and change it to:
bind 0.0.0.0:{{port[0]}} ssl crt websitename1.pem crt websitename2.pem
Make sure websitename1.pem
and websitename2.pem
are the same name as the filenames you have under /etc/ssl/private/