
Deploy Free SSL with HAproxy and LetsEncrypt

Setup HAproxy and use LetsEncrypt We’re going to use HAproxy to perform SSL termination which will then “reverse proxy” to our web server using a (free) SSL Certificate from

Latest Post How to Publish an Unbundled Svelte Package to npm by Matthew Davis public

Setup HAproxy and use LetsEncrypt

We’re going to use HAproxy to perform SSL termination which will then “reverse proxy” to our web server using a (free) SSL Certificate from LetsEncrypt.



Installing HAproxy + certbot:

$ sudo yum install -y epel-release
$ sudo yum install -y haproxy certbot

Opening the firewall:

$ sudo firewall-cmd --permanent --add-port=80/tcp
$ sudo firewall-cmd --permanent --add-port=443/tcp
$ sudo firewall-cmd --reload


Installing HAproxy + certbot:

$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install -y haproxy certbot

Opening the firewall:

$ sudo ufw allow http
$ sudo ufw allow https

Generating SSL Certificate using certbot

We’ll use the certbot command line tool to generate our ssl certificate for us. certbot is a command line interface to Let’’s API service. Generate certificate:

$ certbot certonly -d -d

Once our certificate has been generated it will live under:

$ ls -la /etc/letsencrypt/live/

Configuring HAproxy



    bind *:80
    bind *:443 ssl crt /etc/letsencrypt/live/

    use_backend www

backend www

    server node1 check # we will set nginx to listen on port 81
Matthew Davis

Published 5 years ago