multiple ssl certs in haproxy

Create combined cert/key for each domain

You cat the and to create a combined .pem for each domain. You then add the path to each pem file. For example, a conf for and would look something like this.

cat > /etc/sslcerts/

Verify Cert

You can view the cert and check validity using openssl.

openssl x509 -in /etc/sslcerts/ -text

frontend bind declaration in haproxy configuration

 bind crt /etc/sslcerts/ crt /etc/sslcerts/

If you have specific ciphers, you can also add them per certificate. If one is 1024-bit vs 2048-bit for example.

After updating your configuration, just restart haproxy.

Verify Live Cert

openssl s_client -showcerts -connect


Great example on StackOverflow on how to configure multiple ssl certificates in haproxy. 

Current rating: 2