In the loadbalancer, you can create certificates for all assigned webservers. This works well for a certain number of certificates.

In haproxy.cfg the newly created certificates are added to the line bind *:443 ssl crt

When you have a lot of certificates, you exceed the allowed number of characters per line, resulting in a

The LB failed to reload due to this error: parsing [/etc/haproxy/haproxy.cfg:65]: too many words, truncating after word 64, position 1344:

The easy fix is to replace the above config line with

bind *:443 ssl crt-list /etc/haproxy/crt-list.txt

and add all certificates into that crt-list.txt file.

You may use @ to mention someone.

Loadbalancer: Allow many certificates (use crt-list)

1 total vote
  • Dennis moved item to board Planned

    1 month ago
  • Christian moved item to project Bugs

    1 month ago
  • Christian created the item

    1 month ago