On Wed, Nov 24, 2010 at 07:24:10PM -0500, John Marrett wrote: > Arthur, > > I believe that you will need to use stunnel in client mode to initiate > the ssl connections to the back end. You'll set up multiple instances, > presumably on the machine running haproxy, each confired to point to a > specific backend. > > httpchk will not do https.
Confirmed. Also, maybe it would be fine for you to send your check to nginx on port 80 in clear text ? If so, just add "port 80" after "check" on your server lines. It will not validate the SSL part but will at least validate that the whole chain is running. And the SSL part is not much likely to fail without the rest anyway. Regards, Willy