If you want to use a wildcard SSL certificate with HAProxy, you have to manually paste the raw HAProxy config into the custom configuration field. It works, but it’s not very user-friendly. It would be much better if the UI supported this directly, similar to how SSL is already handled for regular servers, so users could just upload or reference a .pem file and have everything set up automatically, without needing to write HAProxy config themselves.

It would also be really helpful to manage HTTP-to-HTTPS redirects and preferred domain settings (like forcing www or non-www) directly from the UI at the proxy level. Right now, this is tricky because the generated config already includes port 80 listeners, which can conflict with custom redirect rules. As a result, cleanly setting this up isn’t really possible without overrides. Adding a dedicated redirect option in the load balancer UI, like what already exists for standard server setups, would solve this neatly.

These aren’t critical issues, but they would make things a lot smoother. Since the load balancer feature is used by a smaller group of users, they’re more in the “nice to have” category. Still, for teams that can’t rely on Let’s Encrypt (for example, when using GeoIP restrictions), having proper wildcard certificate and redirect support built into the UI would make the load balancer feel much more complete and easier to use.