Hi All,
I have a new install of pfSense and HAProxy but am having issues persuading HAProxy to serve act as a reverse proxy for multiple SSL domains.
I have genuine digicert certificates for all of my domains, 2 are wildcards, one is a single host name, so there is no ACME/Lets-Encrypt requirement.
No matter how I set it up, HAProxy is not serving up the correct certificate for some of the websites.
All of my websites currently reside on the same server either as docker containers (wordpress/drupal websites, UISP controller), or as direct installs (Unifi controller).
I was previously serving all of these domains via an nginx docker on the same server as the various web sites, although the Unifi ones were somewhat outside of what it could see (I had a docker network setup so they could all see each other) as they were direct installs.
The implication from the HAProxy documentation is that the only way this will work is by using tcp, rather than http which would create a layer 4 rather than layer 7 load balancer.
Unfortunately the ‘defaults’ section where this would be defined in the haproxy.cfg file is not implemented in the pfSense version of HAProxy according to the HAProxy documentation for pfSense (in the differences section).
Any suggestions, other than simply using NAT to point directly at my nginx container and giving up with HAProxy?