...
Common Issues and Solutions
1.
...
Ensure the PEM file includes:
Server certificate.
Intermediate certificates (in proper order).
Combine certificates if necessary:
Code Block cat server.crt intermediate.crt > fullchain.pem
...
Verify Full Certificate Chain Delivery
HAProxy must be configured to provide the full certificate chain. Ensure the PEM file includes:
...
| Code Block |
|---|
frontend https_frontend
bind *:443 ssl crt /etc/haproxy/fullchain.pem
default_backend app_backend |
...
2. Untrusted Certificate
Verify the root CA is trusted on client systems.
Cross-check using online tools like SSL Labs.
...
3. Incorrect Certificate Deployment
Verify the PEM file and private key:
...