HAProxy not starting with ssl configuration

Hi,

I’m trying to set up an HTTPS/SSL frontend but HAProxy won’t start whenever I add in the ‘bind *:443 ssl crt /opt/certs/self.pem’ line. I’m not sure if there is something wrong with my config or if HAProxy doesn’t like the certificate. In saying that, I can’t see any certificate related errors in the log.

Version

HA-Proxy version 1.8.4-1deb90d 2018/02/08
Copyright 2000-2018 Willy Tarreau <willy@haproxy.org>

Config

global
   log /dev/log local0
   log /dev/log local1 notice
   chroot /var/lib/haproxy
   stats timeout 30s
   user haproxy
   group haproxy
   daemon

defaults
   log global
   mode http
   option httplog
   option dontlognull
   timeout connect 5000
   timeout client 50000
   timeout server 50000

frontend http_front
        mode http
        bind *:80
        default_backend http_back

backend http_back
        balance roundrobin
        option httpchk GET /index.html
        http-check expect string WEB
        server web1 web1.domain.com:80 check
        server web2 web2.domain.com:80 check

listen stats
        bind :1234
        mode http
        stats enable
        stats hide-version
        stats uri /

frontend ssl_front
        bind *:443 ssl crt /opt/certs/self.pem
        default_backend ssl_back

backend ssl_back
        balance roundrobin
        server web1 web1.domain.com:443 check
        server web2 web2.domain.com:443 check

Certificate

I used known working certs and then tested with creating my own self signed one, but always getting the same result. Below is how I created the PEM file.

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /opt/certs/self.key -out /opt/certs/self.crt
cat self.crt self.key > self.pem

Logs

The logs aren’t very helpful.

Mar 31 20:01:23 centos4 haproxy: [ALERT] 089/200123 (39723) : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg
Mar 31 20:01:23 centos4 haproxy: [ALERT] 089/200123 (39723) : Fatal errors found in configuration.
Mar 31 20:01:23 centos4 haproxy: Errors found in configuration file, check it with 'haproxy check'.
Mar 31 20:01:23 centos4 systemd: haproxy.service: control process exited, code=exited status=1

haproxy -dV -f haproxy.cfg
[ALERT] 089/200256 (39900) : Error(s) found in configuration file : haproxy.cfg
[ALERT] 089/200256 (39900) : Fatal errors found in configuration.

Thanks for any help.

Posts: 3

Participants: 2

Read full topic

HAProxy not starting with ssl configuration

Trending Articles

Practice Sheet of Right form of verbs for HSC Students

Download: FK ft Shenky – Nakuyewa ”Prod by: Shenky”

How to win at Markstrat (Markstrat Tips and Tricks) – Vodites

Ominde Commission Report and Recommendations – Ominde Report of 1964

Bureau of Internal Revenue: Regional Offices (Directory)

GO 53 on Enhancement of Ex-gratia upto 5 Lakhs Toddy Tappers in Telangana

Cakewalk CA-2A Leveling Amplifier v2.0.1.97 WiN, v2.0.1.96 OSX Incl Keygen

Mp3 Download: Mdu - Kunjenjenjena

How the kill the job , when DTP request running for long hours.

Microsoft Intune から展開しているアプリのアップデートについて

18-year-old girl was beaten for half an hour by two Northampton men in 'an...

Car crash in Dunton Bassett leaves driver in critical condition

Macky 2, Two Others In Road Accident

Application log 00000000000000089514: Could not convert queue DLVST90CLNT

Detroit mafia: D’Anna Brothers agree to plea deal

Delivery block field greyed out using VA02

Muloraki Au

【個人撮影】スマホのプライベート映像♪「中に出さないで///」カラオケ屋での生ハメ撮りが流出ｗ【リベンジポルノ】＠PornHub

BREAKING NEWS: Diamond Platnumz Is Reported Dead After Ghastly Car Accident

FIAT 500 B0111 B0112