Quantcast
Channel: HAProxy community - Latest topics
Viewing all articles
Browse latest Browse all 4740

Configuration does not work when tested with openssl without servername

$
0
0

@augustynr wrote:

Hi,
I have haproxy running ok for most part, though I have one service which uses ssl and I have problems with it.
When I test it as:
openssl s_client -connect node1.server.com:443 -servername node1.server.com
haproxy redirects correctly returns correct certificate
if tested as
openssl s_client -connect node1.server.com:443
it does not redirect.
Any idea how to fix it?

frontend z-https-in
bind *:443

    mode tcp
    tcp-request inspect-delay 5s
    tcp-request content accept if { req.ssl_hello_type 1 }

    use_backend z-zc_01_https_backend  if { req.ssl_sni -i node1.server.com }
    use_backend z-zc_02_https_backend  if { req.ssl_sni -i node2.server.com }

backend z-zc_02_https_backend
mode tcp
server node11 192.168.199.229:443

backend z-zc_01_https_backend
mode tcp
server node4 192.168.199.132:443

Posts: 3

Participants: 2

Read full topic


Viewing all articles
Browse latest Browse all 4740

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>