@Nitz wrote:
Greetings!
I am using Haproxy 2.05 (upgraded from 1.8 onwards) with HTTP1.1 and SSL pass through configured and working fine on FreeBSD 11.2 with OpenSSL 1.0.x + LetsEncrypt TLS1.2 certs and few backends running Apache and Nginx servers.
Now I am upgrading to a new server running FreeBSD 12.0 and OpenSSL 1.1.1c (OpenSSL has been installed from ports).
I am curious to know if I could enable HTTP2 with SSL pass through. I am not able to find much info on how to do this if it possible with Haproxy 2.05 and all my trial and error have been failing as of now. If it is possible, kindly share how to achieve this.
Or, is SSL termination the only way out to enable HTTP2 with TL1.2+? I have read a bit about CPU spikes in case of SSL termination mode, although I have never personally tried this option. Is that true? Which option would be better to use in production with just a few servers? We haven’t had too much traffic (less than 2k hits daily) but expect it to rise considerably (maybe 20-30k hits daily) in the near future.
I am still learning the tricks of the trade so please do excuse me in case my queries seem too naive.
Thanks in advance.
Warm regards,
Nitz
Posts: 1
Participants: 1