That's corrrect, I want to talk https to the maps API. Thanks for the response. Added ssl keyword and tried adding verify none as well but now get a 404 back from google. The URL is valid as I'm testing with curl on my haproxy host:
curl -I https://maps.googleapis.com/maps/api/place/autocomplete/json?input=san%20d&sensor=false&key=AIzaSyCM5UZ5jM2FkMkFFSWpwvAR92ZtmADUIOo HTTP/1.1 200 OK Content-Type: application/json; charset=UTF-8 Date: Thu, 20 Feb 2014 20:53:05 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Vary: Accept-Language Server: mafe X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Alternate-Protocol: 443:quic Transfer-Encoding: chunked curl -I http://localhost:80/maps/api/place/autocomplete/json?input=san%20d&sensor=false&key=AIzaSyCM5UZ5jM2FkMkFFSWpwvAR92ZtmADUIOo HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Content-Length: 1457 Date: Thu, 20 Feb 2014 20:52:53 GMT Server: GFE/2.0 On Wed, Feb 19, 2014 at 4:42 PM, Cyril Bonté <[email protected]> wrote: > Hi Steve, > > Le 20/02/2014 01:30, Steve Phillips a écrit : > >> Hi, >> >> I've been attempting, unsuccessfully, to configure haproxy to reverse >> proxy HTTP requests (/maps context) to the HTTPS Google maps API. >> Network traces show empty data packets coming back from Google which >> appear to be interpreted as 503/bad gateway by haproxy. I've modified >> the haproxy config through various attempts to get this working >> (commented out lines) but still no success. I've compared successful >> reverse proxy requests processed by Apache and the request headers are >> identical (cookie order is different). My config below: >> (...) >> >> backend maps >> #reqirep Destination:\ http(.*) Destination:\ https\\1 >> # acl is-ssl dst_port 443 >> # reqadd X-Scheme:\ https if is-ssl >> # option forwardfor >> option http-keep-alive >> server google_maps maps.googleapis.com:443 >> > > According to this, you want to talk in https to maps.googleapis.com. For > that, you must add the "ssl" keyword on the server line, and maybe "verify > none" with recent 1.5-dev snapshots. > > > -- > Cyril Bonté >
