...
Update your HAProxy configuration to use the fullchain.pem:
| Code Block |
|---|
frontend www-https_frontend bind *:443 ssl crt-list /etc/haproxy/ssl/fullchain.pem reqadd X-Forwarded-Proto:\ https reqadd X-Forwarded-Port:\ 443 default_backend app_www-backend-scsp |
2. Untrusted Certificate
Verify the root CA is trusted on client systems.
Cross-check using online tools like SSL Labs.
...