Enable SSL in Haproxy Docker Container
I have a haproxy container running on port 80. This container is started with command
docker run -d -p 80:80 --name haproxy1 -v /home/ubuntu/haproxy:/usr/local/etc/haproxy:ro haproxy:1.7
This haproxy used following configuration file /home/ubuntu/haproxy/haproxy.cfg
global defaults frontend sok-front-end bind *:80 mode http default_backend sok-front-end backend sok-front-end mode http balance roundrobin server srv3 172.17.0.2:8000
To make this haproxy work with SSL, first create a ssl.pem file with your SSL certificate contents in following order
1) Your Private Key 2) Your SSL CRT 4) CA-BUNDLE
copy and paste all those certs into ssl.pem file inside /home/ubuntu/haproxy/ssl.pem
Now modify your /home/ubuntu/haproxy/haproxy.cfg file as follows
global defaults frontend sok-front-end bind *:80 bind :::443 ssl crt /usr/local/etc/haproxy/ssl.pem acl https ssl_fc http-request set-header X-Forwarded-Proto http if !https http-request set-header X-Forwarded-Proto https if https mode http default_backend sok-front-end backend sok-front-end mode http balance roundrobin server srv3 172.17.0.2:8000
Now we need to stop current docker container as it only allow port 80 to be shared.
docker container stop haproxy1
Lets create a new haproxy container with port 443 forwaded.
docker run -d -p 80:80 -p 443:443 --name haproxy2 -v /home/ubuntu/haproxy:/usr/local/etc/haproxy:ro haproxy:1.7
See Haproxy