On Sun, Dec 22, 2013 at 11:51 PM, Jean-Baptiste Quenot <[email protected]> wrote: > global > log 127.0.0.1 local2 info > maxconn 4096 > user haproxy > group haproxy > daemon > > defaults > log global > mode http > option httplog > option dontlognull > retries 3 > option redispatch > maxconn 2000 > contimeout 5000 > clitimeout 150000 > srvtimeout 150000 > > listen ocw > bind 0.0.0.0:80 > redirect scheme https if !{ ssl_fc } > > listen ocw_ssl > bind 0.0.0.0:443 ssl crt /etc/haproxy/haproxy-mysite.pem > use_backend ocw1 > > backend ocw1 > server ocw1 192.168.1.1:8069 > > Is anything ringing a bell to you? Anything I could do for the app to be > more responsive in HTTPS?
Hi Jean-Baptiste You're right, your HAProxy is in tunnel mode, which means it let the client and the server negociate the keep-alive mode. Obviously, they did not. There is nothing you can do in HAProxy. Maybe try starting HAProxy in debug mode and see the headers and HTTP version exchanged between the client and the server. Baptiste
