Not logging connections with letencrypt

We have two configurations using haproxy:

Production: With SSL cert on AWS NLB. Haproxy binds to port 80. Logging is working fine, for example:

Jul 14 09:41:04 localhost haproxy[996]: 210.200.69.57:42375 [14/Jul/2021:09:41:04.423] node_gateway api_gateway/ccpsa1 80/0/1/204/285 201 604 - - ---- 4/4/0/1/0 0/0 "POST /capi/v2/users/_get_invoice HTTP/1.1"

Staging: Using letsencrypt cert with haproxy bound to port 443. See below. This configuration logs service starts and stops, but connections don’t get logged. Any idea what I am doing wrong?

cat /etc/haproxy/haproxy.cfg
global
        log 127.0.0.1:514       local0
        #log /dev/log   local1 notice
        chroot /var/lib/haproxy
        stats socket /run/haproxy/admin.sock mode 660 level admin
        stats timeout 30s
        user haproxy
        group haproxy
        daemon

        # Default SSL material locations
        ca-base /etc/ssl/certs
        crt-base /etc/ssl/private

        # Default ciphers to use on SSL-enabled listening sockets.
        # For more information, see ciphers(1SSL). This list is from:
        #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
        ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
        ssl-default-bind-options no-sslv3
        maxconn 2048
        tune.ssl.default-dh-param 2048

defaults
        log     global
        mode    http
        option  httplog
        #option dontlognull
        timeout connect 5000
        timeout client  50000
        timeout server  50000
        option forwardfor
        option http-server-close
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http

frontend apisslproxy
        log     global
        mode    http
        option  httplog
        bind :443 ssl crt /etc/haproxy/redacted.com.pem
        reqadd X-Forwarded-Proto:\ https
        acl PATH_settcon path_beg -i /console/settlement
        acl PATH_assets path_beg -i /assets
        acl PATH_settlement path_beg -i /settlement
        acl PATH_hc path_beg -i /health_check
        acl PATH_metrics path_beg -i /metrics
        use_backend settcon if PATH_settcon || PATH_assets || PATH_settlement || PATH_hc || PATH_metrics
        acl PATH_kyc path_beg -i /kyc
        use_backend kyc if PATH_kyc
        default_backend api_gateway

frontend www-http
        bind :80
        http-request silent-drop if TRUE

1 post - 1 participant

Read full topic

Not logging connections with letencrypt

Trending Articles

Practice Sheet of Right form of verbs for HSC Students

Download: FK ft Shenky – Nakuyewa ”Prod by: Shenky”

How to win at Markstrat (Markstrat Tips and Tricks) – Vodites

Ominde Commission Report and Recommendations – Ominde Report of 1964

Bureau of Internal Revenue: Regional Offices (Directory)

GO 53 on Enhancement of Ex-gratia upto 5 Lakhs Toddy Tappers in Telangana

Cakewalk CA-2A Leveling Amplifier v2.0.1.97 WiN, v2.0.1.96 OSX Incl Keygen

Mp3 Download: Mdu - Kunjenjenjena

How the kill the job , when DTP request running for long hours.

Microsoft Intune から展開しているアプリのアップデートについて

18-year-old girl was beaten for half an hour by two Northampton men in 'an...

Car crash in Dunton Bassett leaves driver in critical condition

Macky 2, Two Others In Road Accident

Application log 00000000000000089514: Could not convert queue DLVST90CLNT

Detroit mafia: D’Anna Brothers agree to plea deal

Delivery block field greyed out using VA02

Muloraki Au

【個人撮影】スマホのプライベート映像♪「中に出さないで///」カラオケ屋での生ハメ撮りが流出ｗ【リベンジポルノ】＠PornHub

BREAKING NEWS: Diamond Platnumz Is Reported Dead After Ghastly Car Accident

FIAT 500 B0111 B0112