I have haproxy_server and apache_server in different datacenters, what is the best way to have encrypt connection between them?
It’s working with the certbotand with the following configuration:
frontend http_front
bind <haproxy_IP_server>:80
bind <haproxy_IP_server>:443 ssl crt /etc/haproxy/certs/certbot.com.pem
backend http_back
server <1_web_server> <1_web_server_IP>:80 check weight 1
server <2_web_server> <2_web_server_IP>:80 check weight 1
With this I can get my https://www.example.com site working with SSL.
But I think the connection between haproxy_server and apache_server is not encrypted? This is correct?
I need made a openvpn or Stunnel between them, or I can have encrypt connection with the following haproxy.cfg?
backend http_back
server <1_web_server> <1_web_server_IP>:80 check weight 1 ssl verify no