Hi, i have configure haproxy-1.5.4-1.el6.x86_64 with this config frontend inbound-https bind :443 #ssl crt ./my_view_cert.pem mode tcp option tcplog default_backend view_https
backend view_https mode tcp option tcplog option httpchk OPTIONS / http-check expect status 200 option ssl-hello-chk #make sure we can talk SSL, not just TCP balance source balance roundrobin stick on src stick-table type ip size 100m expire 1h server milap9900 172.16.74.17:443 check id 1 inter 10s rise 5 fall 2 server milap9901 172.16.74.18:443 check id 2 inter 10s rise 5 fall 2 but when one server responding with 503 haproxy not exclude a fail node from haproxy machine i check: wget https://172.16.74.17 --no-check-certificate --2014-10-15 16:17:15-- https://172.16.74.17/ Connessione a 172.16.74.17:443...connesso. AVVERTIMENTO: impossibile verificare il certificato di 172.16.74.17, rilasciato da "/O=VMware, Inc./OU=VMware View default certificate/CN=milap9900": Impossibile verificare localmente l'autorità dell'emittente. AVVERTIMENTO: certificate common name "milap9900" doesn't match requested host name "172.16.74.17". HTTP richiesta inviata, in attesa di risposta... 503 Service Unavailable 2014-10-15 16:17:36 ERRORE 503: Service Unavailable. where am I wrong? Best Regard Pasquale