On Jul 2, 2017 8:41 PM, "Daren Sefcik" <[email protected]> wrote:
yep, pretty much..I just need some help to figure out how to make it
work....
example log entries for https and http, you can see how the "443" goes to
one backenad and the regular http "GET" request goes to another..but this
is not consistent and I know there has to be a better way..
use_backend HTPL_WEB_PROXY_http_ipvANY if { meth_connect }
Or maybe...
use_backend HTPL_WEB_PROXY_http_ipvANY if { meth_connect } !{ path_end :80
}
That should be all you need.
HTTPS through an HTTP proxy via HAProxy isn't an SSL session that HAProxy
can see. It's an opaque tunnel, requested over HTTP, using CONNECT.
If the browser asks for a tunnel, it should be because it's wanting to
speak HTTPS once the target is connected.
