Hi Roberto.

On 25.10.22 17:01, Roberto Carna wrote:
Sorry, I want two different backends with same IP/port and different
SSL options as follow, and the same SSL wildcard certificate:

# Frontend 1 with certain SSL options
frontend Web1
bind 10.10.1.1:443 ssl crt /root/ssl/ no-sslv3 no-tlsv10 no-tlsv11
no-tls-tickets force-tlsv12
acl url_web1                            hdr_dom(host) -i www1.example.com
use_backend Server1              if url_web1

# Frontend 2 with any SSL options
frontend Web2
bind 10.10.1.1:443 ssl crt /root/ssl/
acl url_web2                            hdr_dom(host) -i www2.example.com
use_backend Server2              if url_web2

I made the above configuration, but sometimes the web traffic doesn't
reach the second server, until a browser refresh.

I think you could use this option for your setup.
https://docs.haproxy.org/2.6/configuration.html#5.1-crt-list

Hth
Alex

Special thanks!

El mar, 25 oct 2022 a las 10:16, Roberto Carna
(<robertocarn...@gmail.com>) escribió:

Dear, I have a HAproxy server with two different frontends with the
same IP and port, both pointing to different backends, as follow:

frontend Web1
bind 10.10.1.1:443 ssl crt /root/ssl/ no-sslv3 no-tlsv10 no-tlsv11
no-tls-tickets force-tlsv12
acl url_web1                            hdr_dom(host) -i www1.example.com
use_backend Server1              if url_web1

frontend Web2
bind 10.10.1.1:443 ssl crt /root/ssl/ no-sslv3 no-tlsv10 no-tlsv11
no-tls-tickets force-tlsv12
acl url_web2                            hdr_dom(host) -i www2.example.com
use_backend Server2              if url_web2

If somebody goes to www1.example.com he enters to the first frontend,
and if somebody goes to www2.example.com he enters to the second
frontend.

Is this configuration OK or do I have to have any errors???

Thanks a lot!


Reply via email to