9

I just purchased an SSL Certificate. It came with 1 server certificate, 1 intermediate certificate and 1 root certificate.

I have my *.csr file and *.key used to create the certificates.

I am using Tutum with HAProxy and there is a SSL_CERT environment variable. I read the documentation but could not get it to work properly. How do I set this SSL_CERT environment variable?

ericraio
  • 1,469
  • 14
  • 35

1 Answers1

17

I am the maintainer of the tutum/haproxy image. To use SSL_CERT, you need a file containing both your public certificate(your.crt) and private key(your.key). You can do as follows:

cp your.key cert.pem cat your.crt >> cert.pem

Then, you can run: awk 1 ORS='\\n' ~/cert.pem.

Copy the output to SSL_CERT

Done

hfeng
  • 186
  • 2
  • 4
  • Yeah, this is what I figured out and was able to get things working. Thanks for writing the answer for others. – ericraio Apr 21 '15 at 16:46
  • 2
    There might be a slight typo in that it's `cat your.crt >> cert.pem` not `.csr` which is the certificate signing file. – yunspace Jul 20 '15 at 12:25
  • @yunspace yes. I have changed the name of the certificate. Thank you. – hfeng Sep 09 '15 at 11:02
  • cannot get this to work.... copied the output of snakeoil files as above to env variable in apahche/php/unbuntu container (using docker-compose)... also tried putting it in env vars for haproxy (both with and without DEFAULT_)... I have also set vhost bit... any way I try this I cannot get it working :( – Paul Smith Mar 14 '16 at 19:25
  • 1
    So it looks like it was just the VIRTUAL_HOST needed to proceed with https:// So proceed VIRTUAL_HOST with https and set SSL_CERT as per above in your linked application container. Happy boy :) – Paul Smith Mar 14 '16 at 20:15
  • There is a good complete example here that worked for me: https://github.com/tutumcloud/haproxy/issues/130#issuecomment-174492191 – crisscross Jun 11 '16 at 16:03