Deploy Free SSL with HAproxy and LetsEncrypt

Setup HAproxy and use LetsEncrypt

We’re going to use HAproxy to perform SSL termination with a (free) SSL certificate from LetsEncrypt, and then “reverse proxy” the decrypted requests to our web server.

Installation

CentOS/RHEL

Installing HAproxy + certbot:

$ sudo yum install -y epel-release
$ sudo yum install -y haproxy certbot

Opening the firewall:

$ sudo firewall-cmd --permanent --add-port=80/tcp
$ sudo firewall-cmd --permanent --add-port=443/tcp
$ sudo firewall-cmd --reload

Debian/Ubuntu

Installing HAproxy + certbot:

$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install -y haproxy certbot

Opening the firewall:

$ sudo ufw allow http
$ sudo ufw allow https

Generating SSL Certificate using certbot

We’ll use the certbot command line tool to generate our SSL certificate for us. certbot is a command line interface to the Let’s Encrypt API service.

Generate certificate:

$ sudo certbot certonly -d mydomain.com -d www.mydomain.com

Once our certificate has been generated it will live under:

$ sudo ls -la /etc/letsencrypt/live/mydomain.com

Configuring HAproxy

/etc/haproxy/haproxy.cfg

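# a frontend section must have a name; "www-in" is an arbitrary choice
frontend www-in

    bind *:80
    # crt takes one PEM file holding the certificate chain and the private key
    bind *:443 ssl crt /etc/letsencrypt/live/mydomain.com/all.pem

    use_backend www

backend www

    server node1 127.0.0.1:81 check # we will set nginx to listen on port 81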
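
The crt option above points at all.pem, which certbot does not create: it writes the chain and the key as separate fullchain.pem and privkey.pem files. The script below is an added example, not part of the original post, that builds the combined file with owner-only permissions. The function name build_haproxy_pem and running the script as a certbot deploy hook are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): build the combined PEM that
# HAProxy's "crt" option reads from the files certbot writes.

# build_haproxy_pem LIVE_DIR OUT_FILE
# Concatenates fullchain.pem and privkey.pem into OUT_FILE (mode 0600).
build_haproxy_pem() {
    live_dir=$1
    out_file=$2
    chain="$live_dir/fullchain.pem"
    key="$live_dir/privkey.pem"

    # Refuse to produce a bundle from missing or mislabelled inputs.
    grep -q 'BEGIN CERTIFICATE' "$chain" 2>/dev/null || {
        echo "no certificate in $chain" >&2; return 1; }
    grep -q 'PRIVATE KEY' "$key" 2>/dev/null || {
        echo "no private key in $key" >&2; return 1; }

    # Create the temp file beside the target so mv is an atomic rename,
    # and with a restrictive umask so the key is never world-readable.
    tmp=$(umask 077 && mktemp "$out_file.XXXXXX") || return 1
    if cat "$chain" "$key" > "$tmp" && chmod 600 "$tmp" &&
        mv -f "$tmp" "$out_file"; then
        return 0
    fi
    rm -f "$tmp"
    return 1
}

# When certbot runs this file as a --deploy-hook it sets RENEWED_LINEAGE to
# the live directory of the renewed certificate. Rebuild the bundle, check
# the HAProxy configuration, and only then reload.
if [ -n "${RENEWED_LINEAGE:-}" ]; then
    build_haproxy_pem "$RENEWED_LINEAGE" "$RENEWED_LINEAGE/all.pem" &&
        haproxy -c -f /etc/haproxy/haproxy.cfg &&
        systemctl reload haproxy
fi
```

Because Let’s Encrypt certificates are short-lived, all.pem has to be rebuilt after every renewal; a stale bundle leaves HAproxy serving the old certificate until it expires.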
Matthew Davis

Published 4 years ago