@yong wrote:
Hi, all
I have two domain name test1 and test2
test1 needs to verify client certificate,
test2 is a normal https websitehere’s the config for test1, but I don’t know how to merge test2 to it becase test2 does not need to verify client certificate, seems ‘verify required’ is a global option, how can I just let test1 to verify client certificate? Thanks for the help (I’m new to HAProxy, please correct me if anything wrong in my config, thanks a lot.).
frontend http_in bind *:80 bind *:443 ssl crt /etc/ssl/certsforhaproxy/test1.pem crt /etc/ssl/certsforhaproxy/test2.pem ca-file /etc/ssl/certsforhaproxy/ca.pem verify required redirect scheme https if !{ ssl_fc } acs host_test1 hdr_beg(host) test1.demo.com acs host_test2 hdr_beg(host) test2.demo.com use_backend test1_back if host_test1 use_backend test2_back if host_test2 backend test1_back mode http default-server inter 2s fall 2 rise 2 server node1 10.10.0.1:1234 check port 1234 server node2 10.10.0.2:1234 check port 1234 server node3 10.10.0.3:1234 check port 1234 backend test2_back mode http default-server inter 2s fall 2 rise 2 server node1 10.10.0.1:2345 check port 2345 server node2 10.10.0.2:2345 check port 2345 server node3 10.10.0.3:2345 check port 2345
Posts: 2
Participants: 2