In the loadbalancer, you can create certificates for all assigned webservers. This works well for a certain number of certificates.
In haproxy.cfg the newly created certificates are added to the line
bind *:443 ssl crt
When you have a lot of certificates, you exceed the allowed number of characters per line, resulting in a
The LB failed to reload due to this error: parsing [/etc/haproxy/haproxy.cfg:65]: too many words, truncating after word 64, position 1344:
The easy fix is to replace the above config line with
bind *:443 ssl crt-list /etc/haproxy/crt-list.txt
and add all certificates into that crt-list.txt file.
Dennis moved item to board Planned1 month ago
Christian moved item to project Bugs1 month ago
Christian created the item1 month ago