I googled 'haproxy sni' and found this official blog: http://blog.haproxy.com/2012/04/13/enhanced-ssl-load-balancing-with-server-name-indication-sni-tls-extension/
And I created this config file following that format (literally my exact config file, no changes): https://gist.github.com/coolaj86/2faa07aa535e6dc04639 I'm using the most recent haproxy on Ubuntu (via PPA) that I could find haproxy --version HA-Proxy version 1.5.13 2015/06/23 sudo haproxy -db -f /etc/haproxy/haproxy.cfg I've edited /etc/hosts so that baz.example.com points to 127.0.0.1 I've created a few bogus servers npm install -g serve-https serve-https -p 1443 -c 'Default on 1443' & serve-https -p 2443 -c 'bar on 2443' & serve-https -p 3443 -c 'baz on 3443' & And then I test, but I get random results. It only follows the SNI rules sometimes curl --insecure https://baz.example.com:64443 baz curl --insecure https://baz.example.com:64443 Default on 1443 I'm trying to produce the most simple config file without anything fancy (as you can see in the link) and gradually increase the complexity (like a good little boy should, of course), but I'm stuck pretty much right at the starting point. I've also googled a bit more, but I'm finding examples with wildly different syntaxes and solutions. I've tried some and found that they're deprecated and seen others that look to complicated for my entry-level understanding - or I tried them and they too didn't work. Any thoughts? AJ ONeal (317) 426-6525
