Hi all,
I want to use SNI with httpchk on HAProxy 1.7.10 to connect to CloudFront distributions as backend servers. I saw in this mailing-list archives that SNI is not used by default even when using the ssl directive. We don't pay for SNI on that distribution, that means CloudFront doesn't provide a certificate on its default vhost. Because of that, all healthchecks fail with "handshake failure". I temporarily by-passed the issue by adding "port 80" to allow healthchecks over HTTP: option httpchk HEAD /check HTTP/1.1\r\nHost:\ mydistribution.cloudfront.net server mydistribution mydistribution.cloudfront.net:443 check resolvers mydns port 80 cookie no-sslv3 ssl verify required ca-file ca-certificates.crt Does anybody know how can I use healthchecks over HTTPS with SNI support ? Many thanks, Vincent