If your using HAProxy 1.5dev17 or later you could also give it a try with 'SNI'.

|use-server www if { req_ssl_sni -i www.example.com }
server     www 192.168.0.1:443 weight 0
use-server mail if { req_ssl_sni -i mail.example.com }
server     mail 192.168.0.1:587 weight 0|

Or use ssl deciphering to remove the encryption and then be able to use 'http' mode processing.

|bind :443 ssl crt /etc/haproxy/site.pem
|

-PiBa-NL

Op 24-4-2013 18:35, Bryan Talbot schreef:
Since the traffic passing through your port 443 is presumably encrypted, by design, the proxy can't do anything with the contents including read it.

-Bryan



On Wed, Apr 24, 2013 at 7:57 AM, Matthieu Boret <mbore...@gmail.com <mailto:mbore...@gmail.com>> wrote:

    Hi,

    I try to block a URL(public.mydomain.com
    <http://public.mydomain.com>) in https but this doesn't works. If
    it's possible I would redirect to a 503 error page.

    frontend unsecured
      bind *:80
      mode http
      redirect scheme https

    frontend secure_tcp
      mode tcp
      bind *:443 name https
      reqideny ^public
      default_backend bck_tcp


    Thanks


    Matthieu



Reply via email to