Hi Emmanuel,
On Wed, Sep 12, 2012 at 01:43:13PM +0200, Emmanuel Bézagu wrote:
> hi,
>
> please could you tell me if it is possible (and how) to configure haproxy
> in order to reverse proxy wss websockets in tcp mode ?
There is no reason for it not to work.
> Here is my conf file :
>
> global
> chroot /usr/local/haproxy/chroot
> daemon
> maxconn 256
>
> defaults
> retries 3
> option redispatch
> timeout tunnel 1h
>
> listen https_in
> bind :30443
> mode tcp
> option tcplog
> log 127.0.0.1 user debug
> tcp-request inspect-delay 8s
> tcp-request content accept if WAIT_END
> acl is_ssl req_ssl_ver 2:3.1
> use_backend ssh if !is_ssl
> tcp-request content accept if is_ssl
> tcp-request content accept if { req_ssl_hello_type 1 }
> use_backend https_gateone if { req_ssl_sni gateone.mydomain }
>
> backend ssh
> enabled
> mode tcp
> server ssh :22
> timeout connect 5s
> timeout server 2h
>
> backend https_gateone
> enabled
> mode tcp
> timeout server 2h
> timeout connect 4s
> option ssl-hello-chk
> server https_gateone 127.0.0.1:8022 check inter 30000 downinter 1000
>
> GateOne tries to open a secure web socket (wss protocol) to the server
> through haproxy reverse proxy.
>
> Any idea ?
Are you experiencing any issue ? Or maybe you couldn't test yet ?
Regards,
Willy
