Enable SSL in Haproxy Docker Container

I have a haproxy container running on port 80. This container is started with command

docker run -d -p 80:80 --name haproxy1 -v /home/ubuntu/haproxy:/usr/local/etc/haproxy:ro haproxy:1.7

This haproxy used following configuration file /home/ubuntu/haproxy/haproxy.cfg

global

defaults

frontend sok-front-end
    bind *:80
    mode http
    default_backend sok-front-end

backend sok-front-end
    mode http
    balance roundrobin
    server srv3 172.17.0.2:8000

To make this haproxy work with SSL, first create a ssl.pem file with your SSL certificate contents in following order

1) Your Private Key
2) Your SSL CRT
4) CA-BUNDLE

copy and paste all those certs into ssl.pem file inside /home/ubuntu/haproxy/ssl.pem

Now modify your /home/ubuntu/haproxy/haproxy.cfg file as follows

global

defaults

frontend sok-front-end
    bind *:80
    bind :::443 ssl crt /usr/local/etc/haproxy/ssl.pem
    acl https ssl_fc
    http-request set-header X-Forwarded-Proto http  if !https
    http-request set-header X-Forwarded-Proto https if https
    mode http
    default_backend sok-front-end

backend sok-front-end
    mode http
    balance roundrobin
    server srv3 172.17.0.2:8000

Now we need to stop current docker container as it only allow port 80 to be shared.

docker container stop haproxy1

Lets create a new haproxy container with port 443 forwaded.

docker run -d -p 80:80 -p 443:443 --name haproxy2 -v /home/ubuntu/haproxy:/usr/local/etc/haproxy:ro haproxy:1.7

See Haproxy

Need help with Linux Server or WordPress? We can help!

Leave a Reply

Your email address will not be published. Required fields are marked *