Hello,
up to now I’d configured
http-request redirect location https://www.example.com/ code 301 \
if { ssl_fc_sni -i example.com }
Since updating to 2.2.6 this produces an endless redirect loop because it matches also for host www.example.com?!
I’ve modified this now to
http-request redirect location https://www.example.com/ code 301 \
if { ssl_fc_sni -i example.com } { hdr(host) -i example.com }
My cert is for www.example.com with an alias for example.com.
I’m using haproxy since version 2.2.3 only, so can you explain me if this is a bug introduced in 2.2.6 or why I need to check for host header in addition to SNI now?
Thanks
4 posts - 2 participants