H2 reuse one ip san cert

Hello,
i have haproxy 2.6.
i have san certificat and one ip address

voila:

FE1
bind *:443 ssl crt /etc/haproxy/certs/haproxy.pem alpn h2,http/1.1
acl acl_toredirect path -m beg redir
http-request redirect code 302 location https://server1.dom.com/auth if acl_toredirect
acl acl_server1 hdr(host) -i server1.dom.com
acl acl_server2 hdr(host) -i server2.dom.com
use_backend be1 if acl_server1 !acl_toredirect
use_backend be2 if acl_server2

backend be1
description be1
mode http
option http-server-close
server1 10.10.10.1:44443 ssl alpn h2,http/1.1 verify none

backend be2
description be2
mode http
option http-server-close
server2 10.10.10.2:44443 ssl alpn h2,http/1.1 verify none

If i open web page to https://server2.dom.com it’s ok but if i open https://server1.dom.com/auth i reuse the connection and i see in log:
be1\server1 TLSv1.3/TLS_AES_256_GCM_SHA384/server2.dom.com/▒▒R▒r▒▒?▒▒#025S▒▒"cu<Vj▒▒Dz:▒.#025f▒▒}| GET

h2 reuse the connection (COALESCING) after the redirect,
option http-server-close and option httpclose not change the behavior.

How to do ?

1 post - 1 participant

Read full topic