Reputation: 331
Detect HTTPS without SSL Termination
I am trying to find out if https is in the address bar, as I have SSL termination before the HAPROXY, but I want HAPROXY to do the redirect if it is HTTP (a bit of an odd request i know).
I tried the: redirect scheme https if !{ ssl_fc }
But it ends up in a never ending loops because it the packets already don't have SSL. Is there another way to get the prefix on a address bar? Also it does it for multiple domains, so trying to do this with a wildcard.
Upvotes: 0
Views: 865
Answers (1)
Reputation: 178984
I have SSL termination before the HAPROXY
I assume you mean SSL is terminated on an ELB?
If so:
redirect scheme https unless { hdr(x-forwarded-proto) -m str https }
ELB in http mode adds X-Forwarded-Proto: https on SSL connections. The value is set to http otherwise. Generate a redirect unless the header value matches what you expect.
Upvotes: 1
Related Questions
- HAPROXY : Proxy tunneling failed: SSL
- How to make an HTTP app HTTPS with HAProxy and SSL Termination
- HAProxy SSL-termination with redirect http to https is losing X-Client-IP information with send-proxy to NGINX
- http request to https request using haproxy
- https is not working behind haproxy
- HAproxy: Redirect to https in backend
- HAProxy - Redirect traffic of one domain to https and other domains to http only