Solution for Let's Encrypt and HAProxy

janeczku · December 13, 2015, 4:05pm

I guess i am not the only one wondering about how to issue/renew certificates for domains served by HAProxy without having to take HAProxy offline while running LE in standalone mode.

Since i can’t afford any downtime on my load-balancers i wrote a Lua plugin for HAProxy that enables http-01 domain validations against running HAProxy instances.

TL;DR
HAProxy ACME validation plugin introduces HAProxy compatibility for Let’s Encrypt’s “webroot” method.

Feedback welcome!

hedefalk · December 17, 2015, 4:08pm

I reported a question as an issue on your repo since I didn’t remember how I found it. Should have asked here of course - too many browser tabs

TCM · December 22, 2015, 2:33am

So basically this makes HAProxy answer the request directly via a small web server in LUA, correct?

Topic		Replies	Views
Haproxy: 2 domains with LetsEncrypt certificates on a single Linux machine Server	4	7574	April 29, 2017
Renew certificates on multiple servers behind HAProxy Help	7	2192	February 18, 2021
Haproxy giving 503 using Webroot method Help	5	3283	March 19, 2019
Migrating process from Apache2 reverse proxy to HAproxy, need advice Help	4	1098	January 6, 2022
Let'sEncrypt, HAProxy and Pfsense Server	2	2484	September 13, 2017

Solution for Let's Encrypt and HAProxy

Related topics