On Fri, Mar 18, 2016 at 12:04 PM, Zachary Punches <zpunc...@getcake.com>
wrote:
> Yeah port 1027 is used for health checks over SSL.
>
> This HAP forwards requests off to our databases. The databases have a
> string in a table that indicates that the HAP instance can move all the way
> through the entire process before it lights as green.
>
> Our health checks in route 53 are setup to ping 1027 as the SSL port
>
> From: Igor Cicimov <ig...@encompasscorporation.com>
> Date: Thursday, March 17, 2016 at 4:18 PM
> To: Zachary Punches <zpunc...@getcake.com>
> Cc: Baptiste <bed...@gmail.com>, "haproxy@formilux.org" <
> haproxy@formilux.org>
> Subject: Re: Help! HAProxy randomly failing health checks!
>
> So is port 1027 used for health checks over SSL or not? I don't see any
> ssl settings on that port.
>
I see. In that case, since you are doing ssl pass-through in http mode, you
need to add ssl to your server line:
backend server0 ## added to allow gs ssl meta tag verification
reqrep ^GET\ /.*\ (HTTP/.*) GET\ /GlobalSignVerification\ \1
server server0_http server0.domain.com:80/GlobalSignVerification/
so it becomes:
server server0_http server0.domain.com:80/GlobalSignVerification/ ssl
if I understood your intention correctly and server0 is ssl enabled db.
