Is "verify none" working for an expired certificate?
@moscardo wrote: Hi, I have a short question (I tried it and my assumptions seem to be correct, but just want to double check), can a let a certificate expire on the backend and have “verify none” and...
View ArticleCloudflare: haproxy is using the wrong IP for HTTP requests after the first
@supermathie wrote: We are using haproxy 1.8.17 in a two-stage setup: multiple “interceptor” servers (in http mode) that accept the initial connection and send it (using send-proxy-v2-ssl) to...
View ArticleHow to use TCP & HTTP/2 both inside frontend
@cleadspi wrote: Im try to put Dns-over-TLS and HTTPS into HAproxy 1.9.7 on Debian9 This settings works with DoH, but DoT not working. I wanna share port 443 on both services Without HTTP/2,...
View ArticleForward http request with client certificate to outside server with mutual...
@xpoveda wrote: Hi everybody, I’m looking for how send a client certificate to outside server with ssl validation but I don’t found it in documentation and no examples im internet, usually appears...
View ArticleStick table backend inconsistency using DNS resolvers on upgrades
@tjungblut wrote: Hello community, We’re using HAProxy in Kubernetes as a sticky load balancer in front of a deployment of five total pods (real HAProxy, not the ingress controller version of it)....
View ArticleUpgrading HAProxy 1.4 to 1.5+ for SSL termination?
@dflorez wrote: Hello, I’ve inherited an out of date HAProxy server and in my learning about HAP for a project, I have found v 1.4 does not support SSL termination. We have many sites configured...
View ArticleHow to retain Connection: keep-alive header in HAProxy 1.5
@leon wrote: Hi all, I have an application is sending a HTTP request to a machine behind a HAProxy vip but the response HAProxy is sending back appears to be missing some headers. What the sending...
View ArticleClik here to view.
HAProxy SSL-termination with re-encryption on selfsigned cert?
@n1ete wrote: After 10 hours of debugging i am lost and hope someone get me clarified on this. i read probably several times the right answer or was near “it-works”… My Setup is Simple: i got two...
View ArticleBackend observe layer7
@negroha wrote: HAPROXY 1.9 Good afternoon, I am using the following configuration in my group of backend servers server server01 10.0.0.1:80 check on-error mark-down observe layer7 error-limit 5...
View ArticleTune.h2.initial-window-size
@Thoufiq wrote: I have found this " [tune.h2.initial-window-size] " command for faster uploads/connections… Can we use the same command in TCP mode… Will it work? or is there any option to increase...
View ArticleAzure Kubernetes Ingress Controller with HAproxy (Working Example)
@huhproxy wrote: We’re investigating haproxy as a viable alternative to nginx as a kubernetes ingress controller on AKS (Azure Kubernetes Service). The only example I can find on the net for such a...
View ArticleHow to figure out how many requests are being refused?
@ecgouvea wrote: Is there a way to figure out how many requests are being refused due to the high traffic and exceeding number of requests being issued to a single HAProxy instance? Posts: 1...
View ArticleHow to make reloads safe in case of invalid config
@happy wrote: I use default systemd-reloads ExecReload=/usr/sbin/haproxy -f $CONFIG -c -q ExecReload=/bin/kill -USR2 $MAINPID Haproxy’s management manual says: First, the service script...
View ArticleRoundrobin hiccups
@crazyfox wrote: Hi @ll, I’m just testing HAPROXY, We ditching an old LB. Pretty straight forward config, but here are issues when I hit the VIP Seems like I’m hitting the same server over and over,...
View ArticleConsistent hash and server-template via dns resolver
@tjungblut wrote: Hello community, We’re using HAProxy in Kubernetes as a consistent hashing load balancer in front of a deployment of five total pods (real HAProxy, not the ingress controller version...
View ArticleRedispatch on timeout queue
@mindeswx wrote: Hello, what happens if we are using stick tables and backend reaches it’s limit? I figured out that when backend is on it’s limit new connections are qued and “timeout queue” applies....
View ArticleHaproxy Stats Understand
@vijay.sachdeva wrote: Hi Folks, I wanted to understand the haproxy stats page which has information about sessions. Like Current, Max and Total sessions. I have got multiple backends running and each...
View ArticleRedirecting HTTPS to HTTPS
@ZelChief wrote: Hello! Does HAProxy have any ways to make redirect for HTTPS traffic to HTTPS? Posts: 1 Participants: 1 Read full topic
View ArticleHaproxy template / select backend/server using header
@raghudasari wrote: I am trying to target a backend server using a request header (x-upstream) which has the target server ip. example x-upstream: 10.100.20.13:24001 I was able to achieve this bye the...
View ArticleHow proto h2 works for http2? (haproxy 1.9.7)
@steve wrote: frontend fe_main mode http option http-use-htx bind *:443 ssl crt /etc/hapee-1.8/certs/www.example.com.pem alpn h2,http/1.1 use_backend be_main backend be_main mode http option...
View Article