I am not sure to understand.
I am using iRedMail as email server.
This email server do have ssl/TLS activated.
******
listen 888 http2;
ssl on;
ssl_certificate /etc/ssl/certs/cert.chained.crt;
ssl_certificate_key /etc/ssl/private/cert.key;
ssl_trusted_certificate /etc/ssl/certs/GandiStandardSSLCA2.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
include /etc/nginx/sslciphers.conf;
add_header Strict-Transport-Security "max-age=15768000";
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/dhparams.pem;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 10s;
*****
My email client do work well with these certificates and if I change the NAT of my router, I can reach the email web interface (Sogo) through HTTPS request.
Why is not possible to pass HTTPS trafic from the HAproxy to my email server ? Will be the same pb with my web server ..
Thx
Le jeudi 12 janvier 2017 à 15:16:57, vous écriviez :
Sounds as if you have nginx set up for TLS termination, too. This does not make sense, because haproxy will already have decrypted the traffic. Make sure nginx does not expect https on what in your config would be ip_email_server:888. -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711 | Deutschland daniel.schnel...@centerdevice.de | www.centerdevice.de Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas Pustina, Michael Rosbach, Handelsregister-Nr.: HRB 18655, HR-Gericht: Bonn, USt-IdNr.: DE-815299431
|
--
Cordialement,
Thierry e-mail : lenai...@maelenn.org