I don’t mind the idea, it would reduce having a separate service/ proxy. If creating it inside HAProxy then wouldn’t that mess with the threading and it blocking?
> On 20 Jun 2022, at 9:47 pm, William Lallemand <wlallem...@haproxy.com> wrote: > > On Mon, Jun 20, 2022 at 08:27:22PM +1000, Philip Young wrote: >> Thanks for the answer William, it is very much appreciated. It is good to >> get some clarification and will stop me continuing to spend time trying to >> get it to work. >> >> In the meantime, I am working around the problem by calling out to a local >> python service running on the same machine as HAProxy over http, which is >> then making the authorisation request with a client certificate. Not ideal, >> but will switch out the hack once it is supported in HAProxy. >> >> Thanks again >> Phil >> > If you want to take the hackish road, you can just simply create a proxy > in your haproxy which does this, with an SSL server and a crt. This way > you can still use the httpclient or the socket API directly with this > proxy. > > -- > William Lallemand