On Mon, Jul 3, 2017 at 10:38 AM, Daren Sefcik <[email protected]> wrote:
> > On Sun, Jul 2, 2017 at 4:44 PM, Michael Ezzell <[email protected]> wrote: > >> >> >> On Jul 2, 2017 19:15, "Daren Sefcik" <[email protected]> wrote: >> >> >> Most of the traffic is ssl, for example gmail, facebook, pandora all >> force https. >> >> >> I'm going to go out on a limb and suggest that *none* of the traffic is >> SSL in any sense that is meaningful from HAProxy's perspective. >> >> What do the HTTPS requests look like in the HAProxy logs? Aren't they >> CONNECT requests? >> >> > yep, pretty much..I just need some help to figure out how to make it > work.... > > example log entries for https and http, you can see how the "443" goes to > one backenad and the regular http "GET" request goes to another..but this > is not consistent and I know there has to be a better way.. > > HTPL_PROXY HTPL_SSL_PROXY_http_ipvANY/HTPL-PROXY-03_10.1.4.180 > 0/0/0/22/10075 200 525 - - cD-- 124/124/103/103/0 0/0 "CONNECT > caltopo.com:443 HTTP/1.1" > > HTPL_PROXY HTPL_WEB_PROXY_http_ipvANY/HTPL-PROXY-04_10.1.4.181 > 92/0/0/1/93 403 4309 - - ---- 126/126/10/11/0 0/0 "GET > http://i2.wp.com/n4.nabble.com/images/avatar100.png HTTP/1.1" > > > TIA for any help with this..! > Is it possible that *some* of the clients have issues talking to the haproxy over ssl? You say in case of ssl it is not 100% successful but what does that mean? How does this manifest? Can you track the ssl request from particular client ending up on the http backend?
