Docker Community Forums

Share and learn in the Docker community.

HAProxy ssl config


(Speerit23) #1


I have a php application running with nginx and its own ssl forcing https on its own. I want to load balance it with the haproxy image from docker cloud, but i cant found how to make it work with ssl enabled.

it log the following error:

INFO:haproxy:HAProxy(PID:188) has been terminated
2017-01-29T00:31:24.736499144Z [ALERT] 028/003124 (189) : parsing [/haproxy.cfg:41] : ‘bind :443’ : unable to load SSL private key from PEM file ‘/certs/cert0.pem’.
2017-01-29T00:31:24.736824887Z [ALERT] 028/003124 (189) : Error(s) found in configuration file : /haproxy.cfg
2017-01-29T00:31:24.736995409Z [ALERT] 028/003124 (189) : Proxy ‘default_port_443’: no SSL certificate specified for bind ‘:443’ at [/haproxy.cfg:41] (use ‘crt’).
2017-01-29T00:31:24.737013826Z [ALERT] 028/003124 (189) : Fatal errors found in configuration.
2017-01-29T00:31:28.480817451Z INFO:haproxy:=> Add task: haproxy 189 died , restart
2017-01-29T00:31:29.481975334Z INFO:haproxy:=> Executing task: haproxy 189 died , restart

I put the content of my pem file into the DEFAULT_SSL_CERT env variable of the app service and i have 3 containers of those (scaled).

Any help please, example will be real great.


(Abellion) #2

Make sure your pem file is valid. It should have one \n between the private and public keys.

Also, if you have others services that needs SSL termination, you should put the pem content in the “SSL_CERT” en var, instead of “DEFAULT_SSL_CERT”.