Thanks to Let’s Encrypt program, we can now generate free SSL certificates. I used the beta program with success, but now I want to use it on another server running through HAProxy. This is a trick to combine certificate, chain, and private key to be loaded by HAProxy :-)

cat cert.pem chain.pem privkey.pem > combined.pem

Following is the command I used to generate the certificates, which can be improved to set email address and accept conditions.

./letsencrypt-auto certonly -a webroot --webroot-path /var/www/ -d domain.net -d www.domain.net
comments powered by Disqus