If your using HAProxy 1.5dev17 or later you could also give it a try
with 'SNI'.
|use-server www if { req_ssl_sni -i www.example.com }
server www 192.168.0.1:443 weight 0
use-server mail if { req_ssl_sni -i mail.example.com }
server mail 192.168.0.1:587 weight 0|
Or use ssl deciphering to remove the encryption and then be able to use
'http' mode processing.
|bind :443 ssl crt /etc/haproxy/site.pem
|
-PiBa-NL
Op 24-4-2013 18:35, Bryan Talbot schreef:
Since the traffic passing through your port 443 is presumably
encrypted, by design, the proxy can't do anything with the contents
including read it.
-Bryan
On Wed, Apr 24, 2013 at 7:57 AM, Matthieu Boret <[email protected]
<mailto:[email protected]>> wrote:
Hi,
I try to block a URL(public.mydomain.com
<http://public.mydomain.com>) in https but this doesn't works. If
it's possible I would redirect to a 503 error page.
frontend unsecured
bind *:80
mode http
redirect scheme https
frontend secure_tcp
mode tcp
bind *:443 name https
reqideny ^public
default_backend bck_tcp
Thanks
Matthieu
