Force browser to reload?
I have an application that redirects to a passthorugh port for certificate based authentication. The browser successfully redirects, but sits there and waits until something times out before it...
View ArticleRedirect a specific URL
Hello guys I have a HAProxy in front of my servers. Here is its config: global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660...
View ArticleHow to delete expired certificate
Hi, I tried to use the echo "del ssl cert /etc/haproxy/certs/test.pem" | socat /tmp/haproxy.sock, but I get the following error: Can't remove the certificate: certificate '/etc/haproxy/certs/test.pem'...
View ArticleTLS Passthrough with timeout values
Env: haproxy 2.2 Q: Does anyone know following parameters are effective or NOT, when we use TLS(SSL) Passthrough for backend?? timeout connect 5s timeout client 30s timeout client-fin 1s timeout...
View ArticlePassing Environment Variable as a Host header
I am generating a ha proxy config file using nix and I have a function which contains an argument host. The function uses the argument as follows: http-check send meth GET uri ${endpoint} ver HTTP/1.1...
View ArticleHow I can install or configure selinux (module) when installation from source...
There is selinux folder in haproxy source code directory , and this folder contains some haproxy files like as .pp .te and other types and rules. Should I install these modules in selinux in order to...
View ArticleSecure web socket through reverse proxy
Hey, I am new to HAProxy and working with sockets in general. I have trouble hole-punching through the proxy to the endpoint that starts up the socket. As of now, I am not even sure the problem is...
View ArticleTest health check
Hi All, I want to test http health check using curl command for a backend which is configured as shown below: backend nova_console-back mode http balance source timeout server 60m stick store-request...
View ArticleClik here to view.
HAProxy causing greatly reduced tcp performance across system
Hey guys, I’ve run into an interesting problem as I’ve started scaling up my smallish video streaming cdn. It seems that haproxy is causing my tcp stack to run into a bottleneck, resulting in...
View ArticleClient cert authetication pass through
Hi, quite new to haproxy, got a setup where haproxy is in http mode, need to do a setup where clients is doing client certificate authentication to application behind haproxy, but that seems to fail...
View ArticleClik here to view.
Renew SSL certificate
Hello. I’m new to haproxy, I configure the service successfully and it works for one year. Now, I need to renew the SSL certificate, but the procedure is not working. Bellow erros I’m getting:...
View Article100% CPU usage with HAproxy 2.0.31
Hi, I recently updated the version of haproxy from 2.0.25 to 2.0.31 to get rid of some vulnerability. It seemed okay and nothing special after updating, but about one or two weeks later, one of...
View ArticleLayer4 health check failures while using option http-check
HI There, I have 3 backend galera servers configured. global log /dev/log local0 log /dev/log local1 notice user root group root daemon ca-base /etc/ssl/certs crt-base /etc/ssl/private...
View ArticleProblem with backend selection - after a few successful hits suddenly wrong...
Hi experts! I have been using HAProxy for quite some time now and with most of the applications i run through it I have no problems at all. There are two sites however, that give me a lot of...
View ArticleHa proxy SSL with kubernets
Good afternoon people. I’m configuring a haproxy with SSL and it should direct the kubernetes services as a backend. My question. In addition to configuring SSL on haproxy, do I also need to create...
View ArticleClik here to view.
How to block URLs that does not contain a specific word using HA proxy
stackoverflow.com How to block URLs that does not contain a specific word using HA proxy haproxy asked by Nithin B on 07:28AM - 24 Apr 23 UTC I am trying to block URL’s that does not contain a word...
View ArticleHaproxy http to https redirect host header
I’m doing the following to redirect non-https traffic to https: redirect scheme https code 301 if !{ ssl_fc } Which works great, however if a user injects a Host header they are redirected to that URI...
View ArticleEnable haproxy CORS support for https
Hello I have no experience in managing and configuring haproxy, but I need to quickly adapt the existing haproxy configuration, which currently looks like this: frontend rpc-lcd-frontend bind...
View ArticleMatch server based on correct certificate?
Hi, I am trying to write a config that allows me to work with this setup: I currently have one client connecting to two different services (borth port 443) on two different servers (different IPs). I...
View ArticleDuplicate requests
Hello, I have simple configuration where client request come into Haproxy1 (backend Haproxy2) and this request send to Haproxy2 (backend somewhere). It’s working, no errors, but if there are so many...
View Article