Add random cert name to the configuration of reverse-proxy:
set load-balancing reverse-proxy service http description 'Force redirect to HTTPS' set load-balancing reverse-proxy service http port '80' set load-balancing reverse-proxy service http redirect-http-to-https set load-balancing reverse-proxy service https backend 'bk-default' set load-balancing reverse-proxy service https description 'listen on 443 port' set load-balancing reverse-proxy service https mode 'http' set load-balancing reverse-proxy service https port '443' set load-balancing reverse-proxy service https ssl certificate 'cert' set load-balancing reverse-proxy service https rule 10 url-path exact '/.well-known/xxx' set load-balancing reverse-proxy service https rule 10 set redirect-location '/certs/' set load-balancing reverse-proxy service https rule 20 url-path end '/mail' set load-balancing reverse-proxy service https rule 20 url-path exact '/email/bar' set load-balancing reverse-proxy service https rule 20 set redirect-location '/postfix/' set load-balancing reverse-proxy backend bk-default description 'Default backend' set load-balancing reverse-proxy backend bk-default mode 'http' set load-balancing reverse-proxy backend bk-default server sr01 address '192.0.2.23' set load-balancing reverse-proxy backend bk-default server sr01 port '80' set load-balancing reverse-proxy global-parameters max-connections '4000' set load-balancing reverse-proxy global-parameters tls-version-min '1.3'
I don't have any PKI configuration, needs to check this case
vyos@r4# commit [ load-balancing reverse-proxy ] VyOS had an issue completing a command. Report time: 2024-03-27 23:27:42 Image version: VyOS 1.5-rolling-202403250019 Release train: current Built by: autobuild@vyos.net Built on: Mon 25 Mar 2024 02:22 UTC Build UUID: 84776b7b-9db0-4cf4-ac05-9a6fcf1e9128 Build commit ID: e765407943321f Architecture: x86_64 Boot via: installed image System type: KVM guest Hardware vendor: QEMU Hardware model: Standard PC (Q35 + ICH9, 2009) Hardware S/N: Hardware UUID: 166cfd25-7d3a-4eca-9ef6-0b655c9acf0f Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/load-balancing_reverse-proxy.py", line 162, in <module> generate(c) File "/usr/libexec/vyos/conf_mode/load-balancing_reverse-proxy.py", line 111, in generate pki_cert = lb['pki']['certificate'][cert_name] ~~~~~~~~~^^^^^^^^^^^^^^^ KeyError: 'certificate' [[load-balancing]] failed Commit failed [edit] vyos@r4#