I migrated to 1.8 and sni + check-sni are working fine with the following code:
8------------------------------------------------------------------------------------------------8
backend cloudfront
http-request set-header Host 123456789abcde.cloudfront.net
option httpchk HEAD /check HTTP/1.1\r\nHost:\ 123456789abcde.cloudfront.net
server applaunch 123456789abcde.cloudfront.net:443 check resolvers mydns
no-sslv3 ssl verify required ca-file ca-certificates.crt sni req.hdr(host)
check-sni 123456789abcde.cloudfront.net
8------------------------------------------------------------------------------------------------8
Obviously I cannot use %[req.hdr(host)] for "option httpchk" nor for
"check-sni" directives.
Do you know how can I define only one time my Host header in the code above ?
Thanks,
Vincent
________________________________
De : GALLISSOT VINCENT
Envoyé : lundi 23 avril 2018 17:33
À : Lukas Tribus
Cc : [email protected]
Objet : RE: Use SNI with healthchecks
Thank you very much for your answers,
I'll migrate to 1.8 asap to fix this.
Vincent
________________________________
De : [email protected] <[email protected]> de la part de Lukas Tribus <[email protected]>
Envoyé : lundi 23 avril 2018 17:18
À : GALLISSOT VINCENT
Cc : [email protected]
Objet : Re: Use SNI with healthchecks
Hello Vincent,
On 23 April 2018 at 16:38, GALLISSOT VINCENT <[email protected]> wrote:
> Does anybody know how can I use healthchecks over HTTPS with SNI support ?
You need haproxy 1.8 for this, it contains the check-sni directive
which allows to set SNI to a specific string for the health check:
http://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.2-check-sni
Regards,
Lukas
