New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Help with HAProxy and SSL
agoldenberg
Member, Host Rep
in Help
ok so I have 2 web servers both running on SSL and Non-SSL
srv1.domain.com
srv2.domain.com
I also have HAProxy running on proxy.domain.com
how do I get it so that when traffic hits http://proxy.domain.com it goes to port 80 and https://proxy.domain.com goes to port 443 on the nodes?
I've tried all the tutorials I can find but not one of them works.

Comments
Hey,
Have you made sure that HAProxy is listening on both ports 80 and 443 (HTTP and HTTPS respectively) and each uses the backend "application-backend" as the default.
Config file should be like this,
global
defaults
frontend http-in
frontend https-in
backend application-backend
Of course you need to fill in the blanks / edit it where i've said
@Shivam I believe so. My config is below.
global log 127.0.0.1 local0 log 127.0.0.1 local1 notice #log loghost local0 info maxconn 4096 #chroot /usr/share/haproxy user haproxy group haproxy daemon #debug #quiet defaults log global mode http option httplog option dontlognull option http-server-close retries 3 option redispatch fullconn 1000 maxconn 1000 timeout queue 600s timeout connect 5s timeout client 600s timeout server 600s frontend http-in bind proxy.domain.com:80 bind proxy.domain.com:443 ssl crt /etc/ssl/ssl.crt reqadd X-Forwarded-Proto:\ https if { ssl_fc } default_backend normal option forwardfor backend normal server srv1 srv1.domain.com minconn 100 maxqueue 10000 check-ssl server srv2 srv2.domain.com minconn 100 maxqueue 10000 check-sslRight now http://proxy.domain.com is working fine, but https I get a bad gateway error.
@Shivam got it working!
global log 127.0.0.1 local0 log 127.0.0.1 local1 notice #log loghost local0 info maxconn 4096 #chroot /usr/share/haproxy user haproxy group haproxy daemon #debug #quiet defaults log global mode http option httplog option dontlognull option http-server-close retries 3 option redispatch fullconn 1000 maxconn 1000 timeout queue 600s timeout connect 5s timeout client 600s timeout server 600s frontend http-in bind proxy.domain.com:80 default_backend normal option forwardfor frontend http-in-ssl bind proxy.domain.com:443 ssl crt /var/ssl/super.crt reqadd X-Forwarded-Proto:\ https if { ssl_fc } default_backend ssl option forwardfor backend normal server srv1 srv1.domain.com minconn 100 maxqueue 10000 server srv2 srv2.domain.com minconn 100 maxqueue 10000If i helped in someway, glad you got to it at the end
Let me know if you need additional help 