Esser420
Reputation: 860
HAProxy http mode with ssl and simple acl behave weirdly
I am trying to configure HAProxy to only allow access on a server for URLs with a specific path begining. My config is as shown here:
frontend test
mode http
bind *:50005 ssl crt /crt.crt
timeout client 10800s
timeout server 10800s
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
redirect scheme https if !{ ssl_fc }
acl only_api path_beg,url_dec -m beg -i /api/v1
http-request deny if !only_api
use_backend out-pt.groupinfra.com if only_api
backend myserver
mode http
server out myserver.com:443
So basically 'myserver' uses https, so I need to forward it as https. I'm getting a 502 Bad Gateway error from this.
I did have success using the tcp mode as the ssl simply passes through.
Upvotes: 0
Views: 814
Answers (1)
nuster cache server
Reputation: 1791
you need to use ssl to connect to your backend server:
server out myserver.com:443 ssl verify none
or you need to verify certs
server out myserver.com:443 ssl verify required ca-file /path/to/your/backend/server.pem
Upvotes: 1
Related Questions
- HAProxy not redirecting http to https (ssl)
- Getting 404 when call request by haproxy (directly works fine)
- Haproxy acl rules for SSL
- http request to https request using haproxy
- https is not working behind haproxy
- Haproxy acl rules is not working
- Haproxy with SSL doesn't works
- haproxy acl not working in https/tcp mode
- HAproxy is not forwarding request from http to https while using curl through command line
- SSL over HAProxy issue