Hi, On Thu, Aug 06, 2015 at 07:25:42PM -0700, Bowen Ni wrote: > Hi, > > > I am trying to use HAProxy as a man-in-the-middle proxy for HTTPS > traffic. When doing an HTTPS request over HAProxy, it tries to tunnel > the HTTPS request using an HTTP CONNECT request and the HTTP CONNECT > request is passed to backend server directly. My problem is that the > response of the CONNECT request I got from HAProxy is always 4XX. For > example: 403 Tunnel Forbidden, 400 Bad Request. I have tried many > backends and none of them give me 200. Am I missing anything?
It's not haproxy which returns this but the next server which receives the CONNECT request. Haproxy is not a forward proxy, so it will not : - resolve host names in uri to decide where to forward the connection ; - extract the tunnel from a CONNECT request If you want a forward proxy, simply use squid. It's the expert in this role and works pretty well. You can even put haproxy in front of it if you want. Hoping this helps, Willy
