Thanks Cyrill.   Issue got resolved.

On Thu, Jan 15, 2015 at 1:26 PM, Cyril Bonté <[email protected]> wrote:

> Hi,
>
> Le 15/01/2015 03:59, RAKESH P B a écrit :
>
>> Hi Cyrill,
>>
>> Thanks for the update.
>>
>> In Application  side we are not using any SSL offloading.  I have tested
>> with pound (for ssl termination) & haproxy (for load balancing)
>> combination and issue got resolved.
>>
>
> I guess you have RewriteLocation > 0 in your pound configuration (the
> default is 1), this will explain why you see a difference.
>
>  But if i tried with haproxy only ,
>> then getting the issue. I think there is some configuration changes need
>> to made with haproxy to support application side URL redirect. Please
>> find the status codes details. Please help me.
>>
>
> This is really not the job of the reverse proxy to decide by itself to
> change the protocol in the redirects (it can add very bad side effects) but
> in your case, if you're sure that there won't be any valid http redirect,
> you can rewrite the headers sent in the response.
> For example with :
>   http-response replace-header Location ^http://(.*) https://\1
>
>   1.
>>
>>     haproxy (only)
>>
>>     https://www.example.com/search/quotes? : 302
>>
>
> Here you'll have
> Location: http://www.example.com/search/quotes?
> catched by the rule given previously, rewriting the header to :
> Location: https://www.example.com/search/quotes?
>
>      http://www.example.com/search/quotes? : 301
>>
>
> This step won't happen  anymore.
>
>      https://www.example.com/search/quotes? : 200
>>
>>  2.
>>
>>     Pound (termination ) & haproxy ( loadbalancing)
>>     https://www.example.com/search/quotes? : 302
>>     https://www.example.com/search/quotes? : 200
>>
>>  3.
>>
>>
>> On Tue, Jan 13, 2015 at 5:49 PM, RAKESH P B <[email protected]
>> <mailto:[email protected]>> wrote:
>>
>>     Hi Cyrill,
>>
>>     Thanks for the update.  I'll check with my developer and let you
>>     know how the way SSL offloading support in Application side.
>>
>>     On Tue, Jan 13, 2015 at 3:14 AM, Cyril Bonté <[email protected]
>>     <mailto:[email protected]>> wrote:
>>
>>         Hi,
>>
>>         Le 12/01/2015 22:27, RAKESH P B a écrit :
>>
>>             Hi All,
>>
>>             Can I have an update on this.
>>
>>
>>          From what you describe and your configuration, this is not
>>         haproxy related but you should take a look on the application or
>>         on the server itself. But we can't tell you more, you didn't
>>         provide any information on them.
>>
>>         By adding a X-Forwarded-Proto header, your server/application
>>         must take it into account. And this is where there is no standard.
>>         For example :
>>         - some applications require X-Forwarded-Proto: https
>>         - some others require that the server set an environment
>>         variables, and depending on the component, it can have different
>>         names/values, some are case sensitive, some others not
>>         (HTTPS=on, HTTPS=On, ...)
>>         - apache redirects will use a special syntax on ServerName with
>>         a https:// prefix, ...
>>
>>         As you see, it depends on what the developers thought at the
>>         time they included SSL Offloading support.
>>
>>
>>             On Sun, Jan 11, 2015 at 6:56 PM, RAKESH P B
>>             <[email protected] <mailto:[email protected]>
>>             <mailto:[email protected]
>>             <mailto:[email protected]>>__> wrote:
>>
>>                  Please find updated configuration file.
>>
>>                  On Sun, Jan 11, 2015 at 6:53 PM, RAKESH P B
>>             <[email protected] <mailto:[email protected]>
>>                  <mailto:[email protected]
>>             <mailto:[email protected]>>__> wrote:
>>
>>                      Hi Lukas,
>>
>>                      Thanks you for the quick response. Please find the
>>             attached
>>                      Haproxy configuration.
>>
>>                      On Sun, Jan 11, 2015 at 5:21 PM, Lukas Tribus
>>                      <[email protected] <mailto:[email protected]>
>>             <mailto:[email protected] <mailto:[email protected]>>>
>>             wrote:
>>
>>                          > Hi Team,
>>                          >
>>                          > I have an issue Haproxy SSL redirection.
>>             Whenever any request is
>>                          > redirected from HAproxy , then two redirected
>>             request is send, one is
>>                          > with http and other with https while URL for
>>             both request is same.
>>                          > For example,
>>                          > when the URL is redirected
>>             tohttps://www.example.com/to/__path
>>             <http://www.example.com/to/path>? , then
>>                          > these two request are send
>>                          >http://www.example.com/path1/__path2/path3
>>             <http://www.example.com/path1/path2/path3>?
>>                          >https://www.example.com/__path1/path2/path3
>>             <https://www.example.com/path1/path2/path3>?
>>
>>                          Can you share the config?
>>
>>
>>                          Lukas
>>
>>
>>
>>
>>
>>
>>         --
>>         Cyril Bonté
>>
>>
>>
>>
>
> --
> Cyril Bonté
>

Reply via email to