Hi all,
I want to use SNI with httpchk on HAProxy 1.7.10 to connect to CloudFront
distributions as backend servers.
I saw in this mailing-list archives that SNI is not used by default even when
using the ssl directive.
We don't pay for SNI on that distribution, that means CloudFront doesn't
provide a certificate on its default vhost.
Because of that, all healthchecks fail with "handshake failure".
I temporarily by-passed the issue by adding "port 80" to allow healthchecks
over HTTP:
option httpchk HEAD /check HTTP/1.1\r\nHost:\ mydistribution.cloudfront.net
server mydistribution mydistribution.cloudfront.net:443 check resolvers
mydns port 80 cookie no-sslv3 ssl verify required ca-file ca-certificates.crt
Does anybody know how can I use healthchecks over HTTPS with SNI support ?
Many thanks,
Vincent
