You can just do that. I have also certs behind a reverse proxy. My whole 'virtual/internal' applications in containers is running with my own CA certificates and on the reverse proxy I have some certs from known CA's Specific for this setup is a proxy protocol, that informs the public ip addresses instead of local ones.
Best is it to ask on something like the haproxy community. > My question: > > Would it have been possible to install the SSL certificates in the virtual > machines? > > > As far as I know, no, because then the reverse proxy can be seen as a 'man > in the middle attack'. > > This is why I configured the SSL certificates on the host, and as far as I > know this is also how it should be (after reading some articles about it > on the internet). > > > I do however also found the Apache directive SSLProxyEngine > <https://httpd.apache.org/docs/2.2/mod/mod_ssl.html#SSLProxyEngine> . Is > it possible with this directive the install/configure the SSL certificates > inside the virtual machines? > > > I'm curious :-)! >
