How to get ssl certificate hidden behind haproxy?

M

Michael2020-12-10 18:41:32

proxy

Michael, 2020-12-10 18:41:32

There is a VM with onlyoffice
, it works without ssl , in fact,
I plan requests for this VM, even if through haproxy,
but the problem is that the main domain (my cant) at one time I hooked on HSTS and now access to onlyoffice hanging at crm.mysite.ru automatically requests an ssl certificate (or rather, browsers ask)
But the problem is getting a certificate is that this assembly is onlyoffice on containers and you will understand where everything is in its bowels. And I want to generate a certificate and attach it to a proxy so that it would give it to incoming browsers, and let onlyoffice itself work on port 80.
And how will certbot generate it if there is no access to the onlyoffice web server - a vicious circle is obtained.
Where to dig?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

K

ky0, 2020-12-10
@ky0

A sertbot doesn't need access to giblets - it's enough if he (well, not directly himself, but some nginx standing in front of your open office) can give a file from /.well-knownor, in case of confirmation using DNS, twitch the API of the DNS provider.