@O_Mike wrote:

Help Please,
We are trying to use one SSL for multiple Ports (443 and 6085) on same instance. Using HAProxy.
We have tried the following configurations:

defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 20s
timeout queue 1m
timeout connect 15s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s # maxconn 3000

# This is our client/CDN facing SSL/TLS frontend listening on port 443, providing SSL termination in front of Varnish

frontend evd 10.0.0.1:6085
bind :443 ssl crt /etc/ssl/haproxy.pem no-sslv3 ciphers ECDHE+a**************************************** ***********************************************
default_backend varnish

frontend for_ssl_clients
log global

using no-sslv3 to ensure we only support TLS for security reasons http://disablessl3.com/haproxy

we are also setting the ciphers https://raymii.org/s/snippets/haproxy_set_specific_ssl_ciphers.html

bind 10.0.0.1:443 ssl crt /etc/ssl/haproxy.pem no-sslv3 ciphers ECDHE+a***************************************** ***********************************************
default_backend varnish*

#This configuration does not work. The server not run. when we Comment out the 6085 configuration the server for 443 delivers its content.
#What is the way out? please, such that we could make use of one SSL for two frontends, they they both use same backend.

Posts: 2

Participants: 2

Read full topic