Hi everybody, I have installed and configured HAProxy with pound in order to have SSL termination at the SLB level and it worked OK until today and we discovered a problem that does not make sense to me, I will try to explain it here:
So we have a website that does cross domain authentication with SSL: From www.site.com you are authentication against my.site.com Number of server: When I have only 1 web server behind the SLB, everything is working perfectly fine. When I have 2 or more web servers behind the SLB, I am experiencing the problem. Cookies activation: Here is how I activated the cookies: cookie HAPROXYID insert indirect server gr-web04 10.10.5.14 weight 10 check port 80 fastinter 1000 cookie gr-web04 When the cookies are turned off, I notice the problem from time to time: roughly once every 20 clicks When the cookies are turned on, the problem happens once every 2 clicks (so in 50% of the cases). Explanation of what I am seeing: The first request are going to the first web (http://www.site.com) site in clear (HTTP) then they are going to another part of the site ( https://www.first.com) through SSL. When it works you are then redirected to http://my.site.com and you carry on... As I understand the problem happens as the result of the script ran during the SSL connection (I am sure the script works as when there is only 1 webserver for http and https, it works perfectly fine). But I believe that when it is load balanced to another server in order to do the SSL connection, then it is not happy... I have noticed as well that the communication on www.site.com are done on server A whereas communication on my.site.com are done on server B when it is successful... I have now spent a couple of days on the problem and I do not understand why I am having is really random behaviour ... That does not make sense to me at all. If you want more information about the problem please let me know and I will be happy to give you all the information you need! Thanks a lot in advance! Gael -- Gaël Reignier Contacts : mail : gael.reign...@gmail.com Twitter: gael.reignier Skype: gael.reignier Facebook GSM UK: 0044 7 942 042 374 GSM FR: 0033 6 2306 8929
