@schworak wrote:
I have configuration that works well when HTTPS is in the URL but of course, when it is HTTP, it fails. The problem is, I must specify the port number in the URL. I am using this as a way to test individual servers. So the website name must remain unchanged to work with the SSL cert but I can assign one port (and an associated frontend and backend) in the haproxy.cfg file to route to the correct server.
The problem happens when for what ever reason, HTTPS is not specified but the magic port number is. Some apps do a redirect (code beyond my control) and because the server is only running on port 80 without SSL and haproxy is doing all the SSL work, the app doesn’t realize it needs to redirect to https://… so it just redirects to the http:// version and that is where things break.
My config entry…
frontend port_801
bind *:801 ssl crt /etc/ssl/private/unified-cert-file.pem
capture request header Host len 32
capture request header User-Agent len 90
default_backend server_1_through_801backend server_1_through_801
option forwardfor
http-request add-header X-CLIENT-IP %[src]
server server1 192.168.10.101:80 checkNow, the question is, how do I make this work so if I specify http://mysite.com:801 that haproxy will still respond but auto redirect to https://mysite.com:801 without throwing a fit?
Any help would be greatly appreciated.
Posts: 1
Participants: 1