The following order is the correct PEM file order for HA-PROXY
- certificate.key
- certificate.crt
- certificate.bundle.crt
This bash script will do it for you with Let’s Encrypt
cat /usr/local/bin/renew.sh
#!/bin/sh
# move to the correct let's encrypt directory
cd /etc/letsencrypt/live/override.nl-0001/
cat fullchain.pem privkey.pem > /etc/haproxy/certs/override.nl.pem
cd /etc/letsencrypt/live/cloud.override.nl/
cat fullchain.pem privkey.pem > /etc/haproxy/certs/cloud.override.nl.pem
# reload haproxy
service haproxy reload
Leave a Reply