Multi-certificate SSL for HAProxy

1. Concatanate each certification’s files to one file

Run the followings on your local computer

cat CERT1.CRT_PATH [CERT1_MID.crt_path] PRIVATE1.key_PATH > websitename1.pem

cat CERT2.CRT_PATH [CERT2_MID.crt_PATH] PRIVATE2.key_PATH > websitename2.pem

2. Upload them to /tmp of your server

cx upload -s stack_name --server haproxy_server_name websitename1.pem_PATH websitename1.pem
cx upload -s stack_name --server haproxy_server_name websitename2.pem_PATH websitename2.pem

3. Login to your HAproxy server

cx ssh -s stack_name haproxy_server_name

4. Copy the files to certification files from /tmp to their directory

sudo cp /tmp/websitename1.pem /etc/ssl/private/websitename1.pem
sudo cp /tmp/websitename2.pem /etc/ssl/private/websitename2.pem

5. Change the settings in your HAproxy config

In th UI Find the following line in your HAproxy config page:

bind 0.0.0.0: ssl crt

and chenge it to:

bind 0.0.0.0: ssl crt websitename1.pem crt websitename2.pem

Note

Make sure websitename1.pem and websitename2.pem are the same name as the filenames you have under /etc/ssl/private/ .

You are all set.

Need help with deployments?

Contact Support

More Questions?

Join the Slack Channel