Use SSL certificates from dnsimple with HAProxy

Posted on: 2021-01-03
Software versions: HAProxy v2

To use the certificates generated by dnsimple with HAProxy, the best is to concatenate the certificates and the private key into one file, being careful to also include the intermediate certificates if some were generated, for example, if you generated certificates named my_site:

cat my_site.pem my_site.key > /path/to/certs/my_site_final.pem

If you look into the file, you should see your certificate(s) and private key concatenated like such:

-----BEGIN CERTIFICATE----- {certificate content} -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- {intermediate certificate content} -----END CERTIFICATE----- -----BEGIN RSA PRIVATE KEY----- {private key content} -----END RSA PRIVATE KEY-----

Then you can configure your haproxy backend to use the certs :

frontend http-in mode http bind bind *:443 ssl crt /path/to/certs/ http-request redirect scheme https unless { ssl_fc } # ...