Hi, On Sun, Jul 06, Pavlos Parissis wrote: > My conf[1] is quite simple and HAProxy has support for SSL [2]. What I > observe(using tcpdump) is that health checks are in SSL mode(SSL > handshake followed by a HTTP request) but incoming request over HTTPS > goes to backend without any SSL handshake which results to famous HTTP > status error from nginx > > Any ideas if what I try to achieve is possible?
I think you're missing ssl keyword from your server configs: http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#5.2-ssl (Also check verify / ssl-server-verify: http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#5.2-verify http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#3.1-ssl-server-verify) -Jarno > frontend main_s > bind *:443 ssl crt /etc/ssl/wildcard.foo.com.pem > # CPU1 > bind-process 2 > default_backend examplefe_s > backend examplefe_s > default-server inter 10s > option httpchk GET / HTTP/1.1\r\nHost:\ > example.foo.com\r\nUser-Agent:\ HAProxy > server examplefe-203.foo.com examplefe-203.foo.com:443 check check-ssl > server examplefe-204.foo.com examplefe-204.foo.com:443 check > check-ssl disabled -- Jarno Huuskonen
