Am 25.08.17 um 08:49 schrieb Lukas Tribus: > Hello, > > > Am 25.08.2017 um 01:47 schrieb Keresztes Péter-Zoltán: >> Hello >> >> Basically what I need is when I browse /service/ws to use client certificate >> authentication otherwise for everything else to use normal ssl termination > > this is not possible with Haproxy. > > Also, never ever bind to the same port twice. The kernel will load-balance > between the 2 frontends and the behavior will be undeterministic. > > > cheers, > lukas > > > you can do or use client authentication with ssl certificates on haproxy. BUT
1) you have to use and configure the certificates on haproxy 2) you can not pass this certificate to the backend server. only eg. user name as an environment variable markus
