Haproxy

From Bitpost wiki
Revision as of 01:58, 9 December 2019 by M (talk | contribs)

Intro

SSL

Cipher configuration for ssl labs A rating

For working code to get an A+, see bitpost.com:/etc/haproxy/haproxy.cfg

Config

Config is here: 

 🌵 m@bitpost  [~/development/scripts/gentoo/bitpost/root] emacs haproxy.cfg

After changing it, restart it: 

sudo /etc/init.d/haproxy restart

2019-12-08 It was updated to use a new config format to prevent ssl less than TLS1.2. It was also updated with an attempt to redirect www.* to *, but we need updated certificates with multiple names. certbot script was updated to add them, but it has not recreated certs yet. Check back in February at the latest!

Retrieved from "https://bitpost.com/w/index.php?title=Haproxy&oldid=5637"