Shubham Kanodia
Reputation: 6236
Using Cloudfront as a HAProxy backend server with https
I have a CloudFront resource sitting in front of my S3 bucket. It's accessible at —
https://<id>.cloudfront.net
but if I hit —
<id>.cloudfront.net:443
I get a 400 Bad Request. I want to point to CloudFront in my HAProxy configuration, but I can't use the 443 port because of the above-mentioned issue. Nor can I use the https URL protocol in the server statement.
backend my_cloudfront_app
http-response set-header Strict-Transport-Security max-age=31536000
server my_server <id>.cloudfront.net:443
How can I hit HTTPS cloudfront from this server block in HAProxy?
Upvotes: 1
Views: 984
Answers (1)
Aleksandar
Reputation: 2652
I assume You will need to add some infos to the request headers for the cloudfront backend.
This example works with HAProxy 2.0
backend my_cloudfront_app
http-response set-header Strict-Transport-Security max-age=31536000
# Add backend header for cloudfront backend request
http-request set-header Host <id>.cloudfront.net
# maybe you will need to add a S3 prefix to the request path
# http-request set-path <CLOUDFRONT_S3_Prefix>%[path]
server my_server <id>.cloudfront.net:443 sni str(<id>.cloudfront.net) ssl verify none
Upvotes: 1
Related Questions
- Using Cloudfront with an HTTP API Origin
- EC2 running NGINX behind CloudFront with HTTPS?
- Do Cloudfront Redirects from http to https keep the request headers
- Serving Cloudfront pages Through HTTP only
- How does the connection between CloudFront and one EC2 origin works using HTTPS?
- How to force cloudfront to use https (redirect http -> https)
- CloudFront error when serving over HTTPS using SNI
- Cloudfront serving over own SSL certificate
- Supporting HTTPS URL redirection with a single CloudFront distribution
- Troubleshooting Cloudfront with HTTPS using SNI