Add random cert name to the configuration of reverse-proxy:
set load-balancing reverse-proxy service http description 'Force redirect to HTTPS' set load-balancing reverse-proxy service http port '80' set load-balancing reverse-proxy service http redirect-http-to-https set load-balancing reverse-proxy service https backend 'bk-default' set load-balancing reverse-proxy service https description 'listen on 443 port' set load-balancing reverse-proxy service https mode 'http' set load-balancing reverse-proxy service https port '443' set load-balancing reverse-proxy service https ssl certificate 'cert' set load-balancing reverse-proxy service https rule 10 url-path exact '/.well-known/xxx' set load-balancing reverse-proxy service https rule 10 set redirect-location '/certs/' set load-balancing reverse-proxy service https rule 20 url-path end '/mail' set load-balancing reverse-proxy service https rule 20 url-path exact '/email/bar' set load-balancing reverse-proxy service https rule 20 set redirect-location '/postfix/' set load-balancing reverse-proxy backend bk-default description 'Default backend' set load-balancing reverse-proxy backend bk-default mode 'http' set load-balancing reverse-proxy backend bk-default server sr01 address '192.0.2.23' set load-balancing reverse-proxy backend bk-default server sr01 port '80' set load-balancing reverse-proxy global-parameters max-connections '4000' set load-balancing reverse-proxy global-parameters tls-version-min '1.3'
I don't have any PKI configuration, needs to check this case
vyos@r4# commit
[ load-balancing reverse-proxy ]
VyOS had an issue completing a command.
Report time: 2024-03-27 23:27:42
Image version: VyOS 1.5-rolling-202403250019
Release train: current
Built by: autobuild@vyos.net
Built on: Mon 25 Mar 2024 02:22 UTC
Build UUID: 84776b7b-9db0-4cf4-ac05-9a6fcf1e9128
Build commit ID: e765407943321f
Architecture: x86_64
Boot via: installed image
System type: KVM guest
Hardware vendor: QEMU
Hardware model: Standard PC (Q35 + ICH9, 2009)
Hardware S/N:
Hardware UUID: 166cfd25-7d3a-4eca-9ef6-0b655c9acf0f
Traceback (most recent call last):
File "/usr/libexec/vyos/conf_mode/load-balancing_reverse-proxy.py", line 162, in <module>
generate(c)
File "/usr/libexec/vyos/conf_mode/load-balancing_reverse-proxy.py", line 111, in generate
pki_cert = lb['pki']['certificate'][cert_name]
~~~~~~~~~^^^^^^^^^^^^^^^
KeyError: 'certificate'
[[load-balancing]] failed
Commit failed
[edit]
vyos@r4#