The following config doesn't direct secure websocket connections to the
backend.
What am I doing wrong?
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
#chroot /usr/share/haproxy
user haproxy
group haproxy
daemon
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
frontend port443
bind :443
mode tcp
clitimeout 65000
tcp-request inspect-delay 5s
acl traffic_is_ssl req_ssl_ver gt 0
acl enough_non_ssl_bytes req_len ge 22
tcp-request content accept if traffic_is_ssl # accept SSL
tcp-request content accept if enough_non_ssl_bytes # accept non-SSL
use_backend ssl_backend if traffic_is_ssl
default_backend rtmp_backend
backend ssl_backend
srvtimeout 65000
server nginx_server 127.0.0.1:4443
backend rtmp_backend
srvtimeout 65000
server rtmp_server 127.0.0.1:1935
I also tried much simpler config but I still can't connect:
frontend port443
bind :443
mode tcp
default_backend ssl_backend
backend ssl_backend
srvtimeout 65000
server nginx_server 127.0.0.1:4443
On Tue, May 14, 2013 at 2:16 PM, pablo platt <[email protected]> wrote:
> Is my config reasonable?
>
>
> On Sun, May 12, 2013 at 6:14 PM, Jonathan Matthews <
> [email protected]> wrote:
>
>> On 12 May 2013 10:03, pablo platt <[email protected]> wrote:
>> > Can you please explain how to use ssl_fc?
>> > I couldn't find it in the configuration docs.
>> >
>> > Please see below the global and defaults sections which I get when
>> > installing the haproxy-1.4.18 deb package on ubuntu 12.04
>>
>> ssl_fc is only in HAProxy 1.5.
>>
>> Jonathan
>> --
>> Jonathan Matthews // Oxford, London, UK
>> http://www.jpluscplusm.com/contact.html
>>
>>
>
