On 06/07/2014 04:27 μμ, Jarno Huuskonen wrote: > Hi, > > On Sun, Jul 06, Pavlos Parissis wrote: >> My conf[1] is quite simple and HAProxy has support for SSL [2]. What I >> observe(using tcpdump) is that health checks are in SSL mode(SSL >> handshake followed by a HTTP request) but incoming request over HTTPS >> goes to backend without any SSL handshake which results to famous HTTP >> status error from nginx >> >> Any ideas if what I try to achieve is possible? > > I think you're missing ssl keyword from your server configs: > http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#5.2-ssl >
oh bummer, I am blind:-) > (Also check verify / ssl-server-verify: > http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#5.2-verify > http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#3.1-ssl-server-verify) > Yeap I know about those settings, will enable them at a later stage as right now I want to get the basic functionality in place and later tune the SSL part(less CPU-intensive ciphers, cache, session re-use etc) Thanks a lot Jarno, Pavlos
signature.asc
Description: OpenPGP digital signature
