@BlackAdderDK wrote:
Hi
I’m trying to get ADFS to work in HAProxy, and it works in simple TCP setup:
defaults
log global
timeout connect 5000ms
timeout client 50000ms
timeout server 50000msfrontend ADFSFrontend
bind 10.0.0.100:443
mode tcp
default_backend ADFSBackendbackend ADFSBackend
mode tcp
balance roundrobin
server 450adfs01 10.0.0.101:443 check
server 450adfs02 10.0.0.102:443 checkOn the other hand I can get sni to work… but I can’t get any checks to work here - any ideas?
frontend ADFSFrontend
bind 10.0.0.100:443 ssl crt /etc/ssl/mycert.pem
mode tcp
default_backend ADFSBackendbackend ADFSBackend
mode tcp
balance roundrobin
option httpchk GET /adfs/ls/IdpInitiatedSignon.aspx HTTP/1.0\r\n
http-check expect string Sign\ in
reqadd X-Forwarded-Proto:\ https if { ssl_fc }
server 450adfs01 10.0.0.101:443 ssl verify none sni ssl_fc_sni inter 3s rise 2 fall 3
server 450adfs02 10.0.0.102:443 ssl verify none sni ssl_fc_sni inter 3s rise 2 fall 3Any comments are welcome
Best regards
Flemming
Posts: 2
Participants: 2