How to enable SSL for haproxy stats webpage over https?

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux (all versions)
  • HAProxy (all versions)

Issue

  • How to enable HTTPS for haproxy stats webpage?

Resolution

  • Instead of binding the port number with the listen keyword of listen section, use bind with the ssl certificate which should contain both the private key and certificate. Please refer to Using haproxy 1.5 to terminate ssl connections for creating self-signed certificates.
. . .
listen stats                      //do not add port numbers here                                                  
bind :<port-number> ssl crt <path to .pem file>             
mode http
stats enable                      //Enables stats                                                                               
. . .

NOTE: use the bind keyword with "ssl certificate"; replace <port-number> with relevant value.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments