Rezhna, You can start with a script I used when I wrote some blog articles about HAProxy and SSL: https://github.com/exceliance/haproxy/tree/master/blog/ssl_client_certificate_management_at_application_level
You'll be able to generate selfsigned certificates. Good luck, Baptiste On Mon, Sep 2, 2013 at 2:59 PM, Nick Jennings <[email protected]> wrote: > http://www.startssl.com > > > > On Mon, Sep 2, 2013 at 2:51 PM, Rezhna Hoshyar <[email protected]> > wrote: >> >> Dear, >> >> Could you please tell me how I can get free ssl certificate as I tried >> many ways mentioned on Internet , but none of them were useful >> >> Rezhna >> >> -----Original Message----- >> From: Baptiste [mailto:[email protected]] >> Sent: Sunday, September 1, 2013 9:44 PM >> To: Rezhna Hoshyar >> Cc: Lukas Tribus; [email protected] >> Subject: Re: https with haproxy >> >> Hi Rezhna, >> >> Use the "http-request redirect scheme" to do this, as example: >> http-request redirect scheme https if ! { ssl_fc } >> >> It will force HTTPs whatever the hostname is. >> As Lukas stated, you have to own the certificate and the frontend / >> backend must be in mode http. >> >> Baptiste >> >> >> >> On Sun, Sep 1, 2013 at 4:56 PM, Rezhna Hoshyar <[email protected]> >> wrote: >> > >> > Hi, >> > >> > Actually we want to apply it for our company web sites. >> > >> > Rezhna >> > >> > -----Original Message----- >> > From: Lukas Tribus [mailto:[email protected]] >> > Sent: Sunday, September 1, 2013 5:44 PM >> > To: Rezhna Hoshyar >> > Cc: [email protected] >> > Subject: RE: https with haproxy >> > >> > Hi, >> > >> >> My question is about how to use https with haproxy , not avoiding it. >> > >> > Compile haproxy 1.5 with SSL support and enable it. You can find details >> > in doc/ and some generic examples in examples/. >> > >> > >> > >> >> I can use haproxy to redirect http://google.com to http://yahoo.com, >> >> but I cannot do that with https://google.com. >> > >> > Well, do you have a certificate for google.com (or whatever website you >> > need to redirect)? You cannot do this without a valid certificate, >> > otherwise >> > HTTPS would not make any sense. >> > >> > >> > >> > Regards, >> > >> > Lukas >> > >> > -- >> > This message has been scanned for viruses and dangerous content by >> > MailScanner, and is believed to be clean. >> > >> > >> >> -- >> This message has been scanned for viruses and >> dangerous content by MailScanner, and is >> believed to be clean. >> >> >
