Community discussions

MikroTik App
 
Kevo
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 67
Joined: Wed Oct 12, 2011 1:38 am

Anyone using haproxy with let's encrypt?

Tue Feb 14, 2023 3:09 am

I've used haproxy before in a standard environment, so I played around with the container a bit, but I didn't find a very straightforward way to get it running with let's encrypt. I thought about building my own custom container, but while hunting around on the net I ran across caddy and was able to get it running pretty easily. It's running well enough for what I need, but I would be curious if anyone has a good haproxy setup running as caddy is not quite as performant and I could see wanting to switch back to haproxy in some situations. Pointers would be appreciated.
 
joegoldman
Forum Veteran
Forum Veteran
Posts: 766
Joined: Mon May 27, 2013 2:05 am

Re: Anyone using haproxy with let's encrypt?

Tue Feb 14, 2023 3:30 am

Yes you can run LetsEncrypt on HAProxy frontend (I have done it) - it is not mikrotik specific and I would suggest asking in a community forum based around those technologies for more in-depth answer.

- Make your renew script use local server on custom port
- Create backend to that webserver in haproxy
- have acl on frontend based on "/.well-known/" uri matching to redirect those requests to the letsencrypt backend
 
Kevo
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 67
Joined: Wed Oct 12, 2011 1:38 am

Re: Anyone using haproxy with let's encrypt?

Tue Feb 14, 2023 8:23 pm

Yeah, it just seems a bit more complicated with containers. I think it's either build your own container with the let's encrypt bits you need, or combine two existing standard containers with a shared mount to store the certificates. I'm not a big user of containers so it was a bit more work than I wanted to deal with at the time I was trying it out. If I end up needing haproxy on a router instead of caddy for performance sake I will probably just end up building a custom container for it. I was just wondering if anyone has already worked it out and had any pointers.

Who is online

Users browsing this forum: No registered users and 8 guests