Microk8s api nodes behind haproxy


I’m trying to wrap my microk8s cluster api nodes behind a loadbalancer, is there a guide to reach this?

In the cluster ha guide it only refers to the possibility, and only the external etcd guide exists, not an external loadbalancer for the apis.

Tried haproxy (it works flawlessly with kubeadm) to no avail, with this error:

curl -v -XGET  -H "User-Agent: kubectl/v1.28.1 (linux/amd64) kubernetes/8dc49c4" -H "Accept: application/json;g=apidiscovery.k8s.io;v=v2beta1;as=APIGroupDiscoveryList,application/json" 'https://k8cp.urbaman.it:16443/api'
Note: Unnecessary use of -X or --request, GET is already inferred.
*   Trying
* Connected to k8cp.urbaman.it ( port 16443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.0 (OUT), TLS header, Unknown (21):
* TLSv1.3 (OUT), TLS alert, decode error (562):
* error:0A000126:SSL routines::unexpected eof while reading
* Closing connection 0
curl: (35) error:0A000126:SSL routines::unexpected eof while reading