Hi, You should consider to use the brand new redirect just ment for that :
redirect scheme https code 301 if ! secure Regards Le jeudi 07 février 2013 11:38:34 Robbert van Waveren a écrit : > Hi, > > I'm trying out HAProxy and would like to use as our general purpose > proxy/loadbalancer. > Currently I've all requirements tackled except forcing the use of > https (by means of a redirection). > We're planning host many different sub domains so I really need to > redirect to be as generic as possible. > > On the web I found a solution proposal using "reqirep" to rewrite the > host header to https and then a generic redirect. > However I can't get it to work as the redirect seems to fail to add > the protocol+host part in the redirect url. > (Leading to a redirect loop) > > Below is a simplified configuration that I'm currently trying to get > working. > Note that I´m using HAProxy itself to deal with SSL termination. > > global > maxconn 4096 > daemon > nbproc 2 > defaults > clitimeout 60000 > srvtimeout 30000 > contimeout 4000 > mode http > > frontend fe_default > bind :443 ssl crt /opt/haproxy/ppc.pem crt /opt/haproxy/keystore/ > bind :80 > acl secure dst_port 443 > reqirep ^Host:[\ ]*\(.*\) Host:\ https://\1 if ! secure > redirect prefix / if ! secure > default_backend be_default > > backend be_default > balance roundrobin > option httpchk > cookie srv insert postonly indirect > server civ1 10.2.32.175:443 weight 1 maxconn 512 check cookie one > server civ2 10.2.32.176:443 weight 1 maxconn 512 check cookie two > > > Any help is much appreciated. > > Regards, > > Robbert -- Guillaume Castagnino ca...@xwing.info / guilla...@castagnino.org
