I currently have HA Proxy working with domain1.com, and am looking to add a domain2.com, I'm having a hard time finding documentation to support the adding of a second SSL certificate for SSL termination though, and was hoping for some assistance.
Current config:
frontend http-in:
bind *:80
redirect scheme https code 301 if !{ ssl_fc}
frontend https-in:
bind *:443 ssl crt /etc/haproxy/certs/domain1.pem
reqadd X-Forwarded-Proto:\ https
acl letsencrypt-acl path_beg /.wellknown/acme-challenge/
use_backend letsencrypt-backend if letsencrypt-acl
acl domain1.com hdr_beg(host) -i domain1.com
use_backend domain1.com if domain1.com
acl demo.domain1.com hdr_beg(host) -i domain1.com
use_backend domain1.com if domain1.com
Desired/attempted config:
frontend http-in:
bind *:80
redirect scheme https code 301 if !{ ssl_fc}
frontend https-in:
bind *.domain1.com:443 ssl crt /etc/haproxy/certs/domain1.pem
bind *.domain2.com:443 ssl crt /etc/haproxy/certs/domain2.pem
reqadd X-Forwarded-Proto:\ https
acl letsencrypt-acl path_beg /.wellknown/acme-challenge/
use_backend letsencrypt-backend if letsencrypt-acl
acl domain1.com hdr_beg(host) -i domain1.com
use_backend domain1.com if domain1.com
acl demo.domain1.com hdr_beg(host) -i domain1.com
use_backend domain1.com if domain1.com
acl domain2.com hdr_beg(host) -i domain2.com
use_backend domain2.com if domain2.com
I'm sure I'm missing something, my attempted/desired config errors out generically telling me the config is wrong, so I'm sure there's a more correct way of going about this, help and suggestions much appreciated!
