On Fri, Mar 18, 2016 at 1:38 PM, Igor Cicimov < [email protected]> wrote:
> > > On Fri, Mar 18, 2016 at 12:04 PM, Zachary Punches <[email protected]> > wrote: > >> Yeah port 1027 is used for health checks over SSL. >> >> This HAP forwards requests off to our databases. The databases have a >> string in a table that indicates that the HAP instance can move all the way >> through the entire process before it lights as green. >> >> Our health checks in route 53 are setup to ping 1027 as the SSL port >> >> From: Igor Cicimov <[email protected]> >> Date: Thursday, March 17, 2016 at 4:18 PM >> To: Zachary Punches <[email protected]> >> Cc: Baptiste <[email protected]>, "[email protected]" < >> [email protected]> >> Subject: Re: Help! HAProxy randomly failing health checks! >> >> So is port 1027 used for health checks over SSL or not? I don't see any >> ssl settings on that port. >> > > > I see. In that case, since you are doing ssl pass-through in http mode, > you need to add ssl to your server line: > > backend server0 ## added to allow gs ssl meta tag verification > reqrep ^GET\ /.*\ (HTTP/.*) GET\ /GlobalSignVerification\ \1 > server server0_http server0.domain.com:80/GlobalSignVerification/ > > so it becomes: > > server server0_http server0.domain.com:80/GlobalSignVerification/ ssl > > if I understood your intention correctly and server0 is ssl enabled db. > # Route traffic based on domain use_backend gs_verify if gs_texthtml or gs_user_agent ## allow gs meta tag verification Where is this backend in your config? Which domain is used fore the health checks?
