Christian

Christian

Planned

In the loadbalancer, you can create certificates for all assigned webservers. This works well for a certain number of certificates.

In haproxy.cfg the newly created certificates are added to the line bind *:443 ssl crt

When you have a lot of certificates, you exceed the allowed number of characters per line, resulting in a

The LB failed to reload due to this error: parsing [/etc/haproxy/haproxy.cfg:65]: too many words, truncating after word 64, position 1344:

The easy fix is to replace the above config line with

bind *:443 ssl crt-list /etc/haproxy/crt-list.txt

and add all certificates into that crt-list.txt file.

Valentin

Valentin

·
·

Would be great to have this one fixed

no votes yet
You may use @ to mention someone.

Loadbalancer: Allow many certificates (use crt-list)

2 total votes
Valentin Christian

  • Dennis moved item to board Planned

    3 months ago

  • Christian moved item to project Bugs

    3 months ago

  • Christian created the item

    3 months ago