what version of haproxy is this in, will it work for 1.4 variants or only 1.5 
onwards?


________________________________
 From: Baptiste <[email protected]>
To: Wolfgang Grim <[email protected]> 
Cc: "[email protected]" <[email protected]> 
Sent: Tuesday, August 6, 2013 4:14 AM
Subject: Re: Force HTTPS with https backend
 

Hi Wolfgand,

First, turn the mode to http, otherwise header insertion can't work.

To fix your issue, simply append a the "ssl" keyword on the server
line description.

Baptiste


On Tue, Aug 6, 2013 at 8:14 AM, Wolfgang Grim <[email protected]> wrote:
> Hi everybody,
>
>
>
> just started to use haproxy.
>
>
>
> What I want to achieve is to have a primary server and a secondary which
> acts as backup server. All traffic should be forced to be encrypted. As long
> as the backend connection is established via HTTP it works, when I change to
> the following config, I am also able to connect via HTTP.
>
>
>
> global
>
>         #log 127.0.0.1  local0
>
>         log 127.0.0.1   local1 notice
>
>         #log loghost    local0 info
>
>         maxconn 4096
>
>         #chroot /usr/share/haproxy
>
>         user haproxy
>
>         group haproxy
>
>         daemon
>
>         #debug
>
>         #quiet
>
>
>
> defaults
>
>         log     global        option  dontlognull
>
>         retries 3
>
>         option redispatch
>
>         maxconn 2000
>
>         contimeout      5000
>
>         clitimeout      50000
>
>         srvtimeout      50000
>
>
>
> frontend https_frontend
>
>
>
>         bind :80
>
>         redirect scheme https if !{ ssl_fc }
>
>
>
>         bind *:443 ssl crt /etc/haproxy/haproxy.pem
>
>         mode    tcp
>
>         #option httpchk HEAD / HTTP/1.0
>
>         reqadd X-Forwarded-Proto:\ https
>
>         default_backend web_server
>
>
>
> backend web_server
>
>         mode tcp
>
>         balance roundrobin
>
>         stick-table type ip size 200k expire 30m
>
>         stick on src
>
>         default-server inter 1s
>
>         server webServerA 195.202.164.227:443 check inter 5000 downinter 500
>
>         server webServerB 213.235.220.170:443 check inter 5000 backup
>
>
>
>
>
> Best regards,
>
> Wolfgang Grim
>
>

Reply via email to