Quantcast
Channel: HAProxy community - Latest topics
Viewing all articles
Browse latest Browse all 4718

Getting HAProxy to use TLS towards backend fails

$
0
0

Hiya,

I’m quite new to HAProxy, so please bear with me if I seem to be a bit confused.

I’m using
HAProxy version 2.6.9-1

Built with OpenSSL version : OpenSSL 1.1.1n 15 Mar 2022
Running on OpenSSL version : OpenSSL 1.1.1n 15 Mar 2022
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3

I have an application running that can’t use TLS. I’m trying to ‘hide’ it behind HAProxy so that when the application POST’s to a messagebroker, it goes through HAProxy which then changes the transmission to https.
This is my setup:
backend tx-mbroker
timeout connect 5000
timeout server 50000
retries 3
server f.mbroker.dk 193.162.159.194:443 ssl verify required ca-file /etc/haproxy/certs/MbrokerCA.pem crt /etc/haproxy/certs/aertdpbr01.mbroker.dk-combined.pem check check-sni f.mbroker.dk
http-request set-header Host aertdpbr01.mbroker.dk
http-request set-header X-Proto https

Unfortunately the message broker(citrix netscaler) claims that HAproxy doesn’t present a TLS certificate and drops the connection.

What am I doing wrong?

Thanks,

/tony

1 post - 1 participant

Read full topic


Viewing all articles
Browse latest Browse all 4718

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>