This config works fine on 1.8 but on 2.4 the back end appears to generate a HTTP 400. Any ideas of things I can try that would be standout differences between 1.8 and 2.4?
frontend service:8188
#---------------------------------------------------------------------
# Blacklist: Deny access to some IPs before anything else is checked
#---------------------------------------------------------------------
tcp-request content reject if { src -f /etc/haproxy/acl_lists/blacklist.lst }
#---------------------------------------------------------------------
bind 192.168.0.2:8188 ssl crt /etc/pki/tls/private/letsencrypt.pem
http-response set-header Strict-Transport-Security max-age=31536000;\ includeSubDomains
http-response set-header X-Frame-Option DENY
http-response set-header X-Content-Type-Options nosniff
http-after-response replace-header Set-Cookie '(^((?!(?i)httponly).)*$)' "\1; HttpOnly"
http-after-response replace-header Set-Cookie '(^((?!(?i)secure).)*$)' "\1; Secure" if { ssl_fc }
option http-keep-alive
default_backend backend:8188
backend backend:8188
#------------------------------
timeout server 300s
#------------------------------
balance roundrobin
option http-keep-alive
option prefer-last-server
option forwardfor
option http-buffer-request
server APP 192.168.0.3:8188 check ssl verify none
Please let me know if you need more info. The app itself is not too helpful in explaining why it’s getting a 400 other than: HTTP/1.1 400 Bad Request
Thank you,
Matt
2 posts - 2 participants