@deepagarhaproxy wrote:
Hello,
I need an urgent help.
I have HAProxy in server mode, having CA signed certificate.
I have client with self-signed certificate.My requirement are following: HAProxy should
a. fetch client certificate
b. Do not verify client certificatePlease suggest how to fulfill this requirement.
a. The below config in frontend is validating client self-signed cert using CA ca.crt, but client cert is self signed.
HAProxy error: SSL client certificate not trusted
bind *:8443 ssl crt /etc/haproxy/server.pem ca-file /etc/haproxy/ca.crt verify optional ca-ignore-err allb. The below config errors on haproxy start saying ca-file needed with verify optional
bind *:8443 ssl crt /etc/haproxy/server.pem verify optional ca-ignore-err all
c. The below config does not request client cert
bind *:8443 ssl crt /etc/haproxy/server.pem ca-file /etc/haproxy/ca.crt verify none ca-ignore-err all
d. The below config does not request client cert
bind *:8443 ssl crt /etc/haproxy/server.pem ca-ignore-err all
Thanks,
Deepak
Posts: 3
Participants: 2