Hi.
Am 13-08-2015 08:45, schrieb Baptiste:
Hi Sandeep,
No, HAProxy doesn't pass through.
[snipp]
What you mean by passthrough would be something like:
listen ssl_passthourgh
mode tcp
bind :443
server 10.0.0.1:443
Maybe that this 'passthrough' wording comes from openshift document
https://docs.openshift.org/latest/architecture/core_concepts/routes.html
or from the RedHat doc?
https://access.redhat.com/documentation/en/openshift-enterprise/version-3.0/openshift-enterprise-30-architecture#passthrough-termination
The haproxy template can be found here.
https://github.com/openshift/origin/blob/9fffbd9ffb7d97c55a1072ea469b624dab89c17c/images/router/haproxy/conf/haproxy-config.template#L48
Do you know that openshift use haproxy for his routing layer?
Br Aleks
On Thu, Aug 13, 2015 at 4:53 AM, Sandeep Jindal <[email protected]>
wrote:
Hi Baptiste,
Not sure if that answers my question. What you suggested is to enable
SSL
for HAProxy.
My use case if one step further. Once HAProxy receives the SSL
request,
after decrypting it, use case require to manipulate headers and then
forward the request to a a bendend server which is SSL enabled.
It seems HAProxy can "pass through" SSL certificates but not start new
certificate for Backend.
Regards
Sandeep Jindal
201 604 5277
On Fri, Jul 31, 2015 at 2:11 AM, Baptiste <[email protected]> wrote:
On Fri, Jul 31, 2015 at 4:12 AM, Sandeep Jindal
<[email protected]>
wrote:
> Hi All,
>
> My use case is to Manipulate Request Headers of the incoming request.
>
> So, for this, I would need to create a new SSL certificate, but it seems
> at
> HTTP level.
>
> Can you please suggest if this is possible and how?
>
>
> Regards
> Sandeep Jindal
> 201 604 5277
Hi Sandeep,
Simply create your certificate with openssl, and enable enable 'ssl'
and 'crt /path/to/your/cert' on your bind line in your HAProxy
frontend.
Baptiste
