SSL Chuncked Error

Hi all !

I have 2 frontends one HTTP and another for HTTPS using the same backend. I force some domains to HTTPS frontend

When I use the HTTPS frontend I’m receiving the follow error.

POST https://client.domain4.com.br/wwv_flow.ajax net::ERR_INCOMPLETE_CHUNKED_ENCODING 200 (200)

I tested in Google chrome and Microsfot Edge

The same request using HTTP frontend works correct.

My haproxy version is 1.8.25 inside a pfsense firewall.

Below the config:

global
maxconn 40000
stats socket /tmp/haproxy.socket level admin expose-fd listeners
gid 80
nbproc 1
nbthread 1
hard-stop-after 15m
chroot /tmp/haproxy_chroot
daemon
tune.ssl.default-dh-param 2048
server-state-file /tmp/haproxy_server_state

frontend webapex-base-http
bind XXX.XXX.XXX.XX:80 name XXX.XXX.XXX.XX:80
mode http
log global
option dontlognull
option log-separate-errors
option http-keep-alive
option forwardfor
acl https ssl_fc
http-request set-header X-Forwarded-Proto http if !https
http-request set-header X-Forwarded-Proto https if https
timeout client 900000
acl URL var(txn.txnhost) -m end -i domain1.com.br
acl URL-DOMAIN2 var(txn.txnhost) -m end -i domain2.com.br
acl URL-DOMAIN3 var(txn.txnhost) -m end -i domain3.com.br
http-request set-var(txn.txnhost) hdr(host)
http-request redirect scheme https if URL
http-request redirect scheme https if URL-DOMAIN2
http-request redirect scheme https if URL-DOMAIN3
default_backend bk_k8s_webapex_ipv4

frontend webapex-base
bind XXX.XXX.XXX.XX:443 name XXX.XXX.XXX.XX:443 ssl crt-list /var/etc/haproxy/webapex-base.crt_list
mode http
log global
option dontlognull
option log-separate-errors
option http-keep-alive
option forwardfor
acl https ssl_fc
http-request set-header X-Forwarded-Proto http if !https
http-request set-header X-Forwarded-Proto https if https
maxconn 10000
timeout client 900000
acl aclcrt_webapex-base var(txn.txnhost) -m reg -i ^([^.]).domain1.com.br(:([0-9]){1,5})? acl aclcrt_webapex-base var(txn.txnhost) -m reg -i ^([^\.]*)\.domain2\.com\.br(:([0-9]){1,5})?
acl aclcrt_webapex-base var(txn.txnhost) -m reg -i ^([^.]).domain3.com.br(:([0-9]){1,5})?$
http-request set-var(txn.txnhost) hdr(host)
use_backend bk_k8s_webapex_ipv4 if aclcrt_webapex-base

backend bk_k8s_webapex_ipv4
mode http
id 10125
log global
cookie ORDS insert indirect nocache httponly dynamic
dynamic-cookie-key XXXXX
balance roundrobin
timeout connect 900000
timeout server 3600000
retries 3
source ipv4@ usesrc clientip
server k8s-05 192.168.224.10:30147 id 10102 check inter 1000 weight 1
server k8s-06 192.168.224.11:30147 id 10103 check inter 1000 weight 1
server k8s-02 192.168.224.13:30147 id 10104 check inter 1000 weight 1
server k8s-03 192.168.224.14:30147 id 10147 check inter 1000 weight 1

1 post - 1 participant

Read full topic