Start with HTTP, add HTTPS when certificates are available
What I’d like to achieve is to have HAProxy running in a docker container, proxying requests to website containers and to a container obtaining certificates. For apparent reasons I need to start with...
View ArticleHAProxy & Cloudflare - 526 Invalid SSL
Hi All, Firstly HI! im new here an i apoligise if this is in the wrong location… Been having some issues setting up HAProxy as a reverse proxy for my services. What i aim to achieve is use Cloudflare...
View ArticleSplit ip and port from URL and re-use in backend
Url’s are called by http://somewebsocket.domain.com/123.123.123.123/8700 on the frontend. These ip and ports can differ. We want to split the url and set variables for the ip and port (first and...
View Article502 Error connecting to a websocket
I’m trying to connect to a websocket written in Golang (gotty), but it seems that haproxy is not happy with the response headers (PH–) and it returns a 502. 000015fe:application.accept(0008)=001d from...
View ArticleRoute TCP according to payload
if I use haproxy 2.8, this configue is ok: global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 30s...
View ArticleClik here to view.
HaProxy as reverse proxy for ArcGIS
Hi I am trying to configure a reverse proxy to sit in front of an ArcGIS environment, link below from ESI’s documentation regarding reverse proxy config for reference. enterprise.arcgis.com Configure...
View ArticleClik here to view.
Redirect of top level domain and subdomains -> too many redirects (different...
I am currently trying to figure out if the software itself causes the problem or the configuration I wrote in HAProxy, so apologies if it’s not HAProxy related. I need to redirects to two different...
View ArticleHAProxy keeps using the same server for every request (on same conn)
I’m using roundrobin on a http backend to rotate upstream http proxies. For some reason, the load is balanced as expected on new connections, but making multiple requests from the same connection uses...
View ArticleCan my haproxy.cfg be improved?
I’ve been using this config for a while and it’s been working fine, but I recently began wondering whether it could be improved - could someone take a look and let me know if it’s optimal or not...
View ArticleCan't set ssl httpchk
Everything is OK before I add this code in the section backend: option httpchk http-check connect port 443 ssl sni www.google.com http-check send meth HEAD uri / ver HTTP/1.1 hdr host www.google.com...
View ArticleHAProxy CORS setup
Hi all, I’m trying to follow security guidelines and secure backend application with proper HAProxy headers to allow for safe CORS mechanism. I’m facing a few issues here: the backend application...
View Article400 bad on https frontend to https backend
Hello, I’m trying to set up a reverse proxy for an application that is running on HTTPS and does not accept http, only https and it cannot be changed. Using Haproxy, the redirection is always thrown...
View ArticleOcsp-response and proxy server
(topic deleted by author) 1 post - 1 participant Read full topic
View ArticleOcsp-updates and proxy server problem
Hi! I’m setting up OCSP with Haproxy 3.0.2 Everything is good and well if I download the ocsp repsonse file myself with openssl But If I’m trying to have haproxy get oscp updates, it fails because I...
View ArticleSSL Resumptions across multiple VMs
Hello, I would like to know whether SSL resumptions across multiple nodes is possible using HAProxy? Is there a way to distribute the SSL cache to the other nodes running on HAProxy? Is there a way to...
View ArticleHaproxy doesn't resolve a domain to all the IPs
I’ve created a Docker Compose project with haproxy and 4 replicas of a web server. I’m using server-template to connect haproxy to the replicas: server-template s 4 app:80 check But: $ docker compose...
View ArticleClik here to view.
Set level err is not working
I am not getting any logs when I set the log level as err. When I give 503 req manually also, the acl failure_request not works it seems as I don’t see any logs in /var/logs/haprxy/error.log But if...
View ArticleNeed Help haproxy and keycloak
Hello everyone, ive a projekt with haproxy and keycloak. And ive a Problem with redirection. I have two urls like: -exampleSite1 -exampleSite2 When i go on both sites it should redirect me to a site:...
View ArticleHAProxy Load Distribution and Backend Application Autoscaling
Scenario: I’m running an HAProxy instance in two clusters, and my backend application is deployed across five different clusters. Despite generating significant load, my backend application does not...
View ArticleExtended Master secret key is set to "No"
The haproxy.cfg has min support of TLS version 1.2 and a set of specific ciphers e.g. “ECDHE-RSA-AES256-GCM-SHA384” to be allowed for communication. When i run the following command: openssl s_client...
View Article