HAProxy and 'Loading mixed (insecure) display content' warnings on http backend

@revmarkp wrote:

My homelab is hosting a node.js app. I’m using the HAProxy package on pfSense. I’m wanting to use HAProxy for SSL offloading. The backend node.js, and it’s mongoDB are http. When a user goes into the site there are warnings about ‘loading mixed (insecure) display content’, coming through from the app, and the padlock gives a warning that the connection is ‘not secure’ as result. they’re mostly linked with calls to the db.

This seems to be a common issue, but I’m struggling to grasp which option (for the frontend?) I need to add to solve this.
Would one of the http-request-header or http-resposne-header’ actions’ apply https to all responses coming out the backend server (I think that’s what I need to achieve)

Here’s my HAProxy config:
# Automaticaly generated, dont edit manually.
# Generated on: 2019-12-19 09:41
global
	maxconn			100
	stats socket /tmp/haproxy.socket level admin 
	uid			80
	gid			80
	nbproc			1
	hard-stop-after		15m
	chroot				/tmp/haproxy_chroot
	daemon
	tune.ssl.default-dh-param	2048
	server-state-file /tmp/haproxy_server_state

listen HAProxyLocalStats
	bind 127.0.0.1:2200 name localstats
	mode http
	stats enable
	stats admin if TRUE
	stats show-legends
	stats uri /haproxy/haproxy_stats.php?haproxystats=1
	timeout client 5000
	timeout connect 5000
	timeout server 5000

frontend SpottingTrains_FE1
	bind			192.168.1.100:443 name 192.168.1.100:443   ssl crt-list /var/etc/haproxy/SpottingTrains_FE1.crt_list  
	mode			http
	log			global
	option			http-keep-alive
	timeout client		30000
	http-request add-header X-Forwarded-Proto https
	acl			aclcrt_SpottingTrains_FE1	var(txn.txnhost) -m reg -i ^www\.spottingtrains\.com(:([0-9]){1,5})?$
	acl			aclcrt_SpottingTrains_FE1	var(txn.txnhost) -m reg -i ^spottingtrains\.com(:([0-9]){1,5})?$
	http-request set-var(txn.txnhost) hdr(host)
	use_backend PengellyBeckett1_BE_ipvANY  if   aclcrt_SpottingTrains_FE1

backend PengellyBeckett1_BE_ipvANY
	mode			http
	id			100
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	option			httpchk OPTIONS / 
	server			pengellybeckettvm1 10.10.20.10:7331 id 101 check inter 1000

Posts: 3

Participants: 2

Read full topic

HAProxy and 'Loading mixed (insecure) display content' warnings on http backend

Trending Articles

RAMAYAMPET Mandal Sarpanch | Upa-Sarpanch | Ward member Mobile Numbers Medak...

लड़कियां सेक्स के दौरान क्यों करती है उह! आह!लड़कियां सेक्स के दौरान क्यों करती...

Neem Baba Extra Questions Answer Class 6 English Poorvi

Throw Back: 4×4 — Sikilitele (Ft Castro) Prod by JQ

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

Lowe faces four theft charges

Practice Sheet of Right form of verbs for HSC Students

Mafia, Murder & Mayhem In The Motor City: Detroit Mob Hit Timeline (1937-2007)

The 10 Tennessee Cities With The Largest Black Population For 2021

Materials Around Us Class 6 Worksheet Science Chapter 6

デスクトップヒープの枯渇

Best Suvichar in Hindi |बेस्ट सुविचार |शुभ विचार हिंदी में

Kanulanu Thaake Lyrics and translation | Manam (2014)

Korean Sex Porn Videos: XXX Videos & Free Porn Movies

Teen Shot In Miami Drive-By Dies From Injuries

Download: IQ Muzatasha feat Shy D & Pmj – Ulesi NiFertilizer Yamavuto

Mahakal Attitude Status

Property developer set up cannabis factory to help pay off debts...

♡

KB: How to troubleshoot issues when adding a Hyper-V host in System Center...