@dsgnr wrote:
Hey, I’ve been using HAProxy for a while now, moving from Nginx proxies. It’s awesome!
I have been using it as a standard https proxy but I’m now attempting to pass my RDS gateway through it also (as I only have one home WAN IP).
My config is here: https://pastebin.com/AmBBE2CY so at the moment the RDS gateway does work, but when I attempt to add another backend, it is still defaulting to the ssl_sp backend. However, the weird one is that when I remove that default_backend vars on the front-end, nothing works.
So i’m guessing that the req_ssl_sni element isn’t working correctly, although running an openssl checker, as well as the
haproxy -f /etc/haproxy/haproxy.cfg -V -dcommand, i’m not seeing anything come through, except:00000000:ssl_relay.accept(0007)=000a from [redacted:63249] ALPN=<none>So for example, I’d like to add this to the frontend:
use_backend ssl_rd if { req_ssl_sni -i zabbix.domain.cloud }and this to the backend:
backend zabbix redirect scheme https if !{ ssl_fc } server zabbix.domain.cloud 10.50.3.11:443 ssl verify none checkI have looked at other topics but I don’t seem to be able to resolve this with my scenario. If anyone can offer any advise that would be great.
Posts: 4
Participants: 2