On 4/10/2022 4:35 PM, Shawn Heisey wrote:
I *DID* have it working. It seems to have stopped working and I do
not know what I did to break it. :) The http/3 checker page still
says everything's OK.
Ah, I figured it out! It seems that ssl_fc is not set to true for
encrypted quic connections. With this line in the config, it just
continually redirects:
redirect scheme https unless { ssl_fc }
I think that's probably a bug. A workaround could maybe be found, if
there is another condition I can use for the redirect that will redirect
tcp/80 connections but not tcp/443 or udp/443.
I am not seeing this in the system with two haproxy processes ... I had
removed that line from the config I used for 2.6, since it was always https.
Thanks,
Shawn