Hello, > > Unfortunately I the "show errors" returned empty, so I guess it > was something else. The good news is that I gave haproxy 1.4.2 a > try today and the 502/PR error with PUT/TE:chunked requests have > now vanished. So thanks for solving this. I'm not sure which one of > the bugs I was hitting but it does not really matter since it now > seems to be fixed. > > So now when I got a working haproxy 1.4, I continued to try out > the "option http-server-close" but I hit a problem with our > stunnel (patched with stunnel-4.22-xforwarded-for.diff) instances. > It does not support keep-alive, so only the first HTTP request in > a keepalive-session gets the X-Forwarded-For header added (insert > Homer "doh!" here :). When giving it some thought, I guess this is > the expected behaviour for what stunnel actually is supposed to do. > So, for now I'll stick with "option httpclose" for a while > longer... > > Keep up the good work! > > Best regards Erik >
Maybe it's worth a try for you to get along with nginx as stunnel replacement ? Its performance is quit good and the config can be held very short, too for only accepting ssl traffic and directing it to haproxy. kind regards, Malte