Created
January 30, 2025 03:13
-
-
Save dky/1809cee95d563af3970a8eec1b14f0ee to your computer and use it in GitHub Desktop.
Loading a certificate into HAProxy using the Runtime api
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Define variables | |
| SOCKET_PATH="/var/run/haproxy.sock" # Adjust if needed | |
| CERT_PATH="/etc/haproxy/cert.pem" # Adjust the path to your cert.pem | |
| CERT_DIR="/etc/haproxy/certs" # Directory where HAProxy stores certificates | |
| CERT_NAME="my_cert" # The name to assign to the certificate in HAProxy | |
| # Ensure the cert directory exists | |
| mkdir -p "$CERT_DIR" | |
| # Validate the certificate file exists | |
| if [ ! -f "$CERT_PATH" ]; then | |
| echo "Error: Certificate file $CERT_PATH not found!" | |
| exit 1 | |
| fi | |
| # Strip new lines from the certificate | |
| CERT_CONTENT=$(awk '{printf "%s\\n", $0}' "$CERT_PATH") | |
| # Load the certificate into HAProxy | |
| echo "set ssl cert $CERT_DIR/$CERT_NAME.pem << | |
| $CERT_CONTENT | |
| " | socat - UNIX-CONNECT:"$SOCKET_PATH" | |
| # Commit changes | |
| echo "commit ssl cert $CERT_DIR/$CERT_NAME.pem" | socat - UNIX-CONNECT:"$SOCKET_PATH" | |
| echo "Certificate $CERT_NAME has been loaded into HAProxy." |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment