Hi,
i have configure haproxy-1.5.4-1.el6.x86_64 with this config
frontend inbound-https
bind :443 #ssl crt ./my_view_cert.pem
mode tcp
option tcplog
default_backend view_https
backend view_https
mode tcp
option tcplog
option httpchk OPTIONS /
http-check expect status 200
option ssl-hello-chk #make sure we can talk SSL, not just TCP
balance source
balance roundrobin
stick on src
stick-table type ip size 100m expire 1h
server milap9900 172.16.74.17:443 check id 1 inter 10s rise 5 fall 2
server milap9901 172.16.74.18:443 check id 2 inter 10s rise 5 fall 2
but when one server responding with 503 haproxy not exclude a fail node
from haproxy machine i check:
wget https://172.16.74.17 --no-check-certificate
--2014-10-15 16:17:15-- https://172.16.74.17/
Connessione a 172.16.74.17:443...connesso.
AVVERTIMENTO: impossibile verificare il certificato di 172.16.74.17,
rilasciato da "/O=VMware, Inc./OU=VMware View default
certificate/CN=milap9900":
Impossibile verificare localmente l'autorità dell'emittente.
AVVERTIMENTO: certificate common name "milap9900" doesn't match
requested host name "172.16.74.17".
HTTP richiesta inviata, in attesa di risposta... 503 Service Unavailable
2014-10-15 16:17:36 ERRORE 503: Service Unavailable.
where am I wrong?
Best Regard
Pasquale
