The Client Certificate Authentication/mTLS Architecture in HAProxy

sonnyyu/mtls-haproxy

Install software

git clone https://github.com/sonnyyu/mtls-haproxy
cd mtls-haproxy

Use mtls-cert-manage to generate the server, client, and CA certificates

https://github.com/sonnyyu/mtls-cert-manage

Copy Server Certificate from mtls-cert-manage

cd ~/mtls-cert-manage/pki/haproxycerts
cp server.pem ca.crt ~/mtls-haproxy/haproxy/etc/certs

Copy Client Certificate from mtls-cert-manage

cd ~/mtls-cert-manage/pki/clientcerts
cp * ~/mtls-haproxy/certs
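
Pre-flight check of the copied files (an added example, not part of this repository) that can be run before starting HAProxy: it confirms that server.pem holds a certificate with its matching private key and that the server and client certificates verify against ca.crt. It assumes server.pem is a combined certificate-plus-key PEM and that the ca.crt next to it is the CA HAProxy uses to verify clients; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the repository): pre-flight checks on the copied files.
# Assumption: server.pem is one PEM holding the certificate and its private key.

# check_server_pem FILE
# Succeeds only if FILE holds a certificate and the private key that matches it.
check_server_pem() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || {
        echo "FAIL: no certificate in $1" >&2; return 1; }
    key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || {
        echo "FAIL: no private key in $1" >&2; return 1; }
    # Public key derived from the private key must equal the one in the cert.
    [ "$cert_pub" = "$key_pub" ] || {
        echo "FAIL: private key in $1 does not match its certificate" >&2
        return 1; }
}

# check_chain CAFILE CERT
# Succeeds only if CERT verifies against CAFILE (signature chain and validity).
check_chain() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1 || {
        echo "FAIL: $2 does not verify against $1" >&2; return 1; }
}

# preflight SERVER_DIR CLIENT_DIR
# Runs every check and returns the number of failures (0 means all passed).
preflight() {
    failures=0
    check_server_pem "$1/server.pem"         || failures=$((failures + 1))
    check_chain "$1/ca.crt" "$1/server.pem"  || failures=$((failures + 1))
    # Assumption: the server-side ca.crt is what client certs are checked against.
    check_chain "$1/ca.crt" "$2/client1.crt" || failures=$((failures + 1))
    return "$failures"
}

# Usage: sh preflight.sh ~/mtls-haproxy/haproxy/etc/certs ~/mtls-haproxy/certs
if [ "$#" -eq 2 ]; then
    preflight "$1" "$2"
fi
```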

Start HAProxy with the certificates

docker-compose up -d

Quit

docker-compose down

Quit and remove the volume

docker-compose down -v

Test mTLS

cd ~/mtls-haproxy/certs
curl --cert client1.crt --key client1.key --cacert ca.crt https://192.168.1.204
curl --cert-type P12 --cert client1.p12:p12pass --cacert ca.crt https://192.168.1.204

Test mTLS with a password

cd ~/mtls-haproxy/certs
curl --cert client2.crt:cppass --key client2.key --cacert ca.crt https://192.168.1.204
curl --cert-type P12 --cert client2.p12:p12pass --cacert ca.crt https://192.168.1.204

Install the certificate on the PC

Open the browser

https://192.168.1.204