Thanks, I'll check it out.
El mar, 25 oct 2022 a las 20:27, Aleksandar Lazic
(<al-hapr...@none.at>) escribió:
>
> Hi Roberto.
>
> On 25.10.22 17:01, Roberto Carna wrote:
> > Sorry, I want two different backends with same IP/port and different
> > SSL options as follow, and the same SSL wildcard certificate:
> >
> > # Frontend 1 with certain SSL options
> > frontend Web1
> > bind 10.10.1.1:443 ssl crt /root/ssl/ no-sslv3 no-tlsv10 no-tlsv11
> > no-tls-tickets force-tlsv12
> > acl url_web1 hdr_dom(host) -i www1.example.com
> > use_backend Server1 if url_web1
> >
> > # Frontend 2 with any SSL options
> > frontend Web2
> > bind 10.10.1.1:443 ssl crt /root/ssl/
> > acl url_web2 hdr_dom(host) -i www2.example.com
> > use_backend Server2 if url_web2
> >
> > I made the above configuration, but sometimes the web traffic doesn't
> > reach the second server, until a browser refresh.
>
> I think you could use this option for your setup.
> https://docs.haproxy.org/2.6/configuration.html#5.1-crt-list
>
> Hth
> Alex
>
> > Special thanks!
> >
> > El mar, 25 oct 2022 a las 10:16, Roberto Carna
> > (<robertocarn...@gmail.com>) escribió:
> >>
> >> Dear, I have a HAproxy server with two different frontends with the
> >> same IP and port, both pointing to different backends, as follow:
> >>
> >> frontend Web1
> >> bind 10.10.1.1:443 ssl crt /root/ssl/ no-sslv3 no-tlsv10 no-tlsv11
> >> no-tls-tickets force-tlsv12
> >> acl url_web1 hdr_dom(host) -i www1.example.com
> >> use_backend Server1 if url_web1
> >>
> >> frontend Web2
> >> bind 10.10.1.1:443 ssl crt /root/ssl/ no-sslv3 no-tlsv10 no-tlsv11
> >> no-tls-tickets force-tlsv12
> >> acl url_web2 hdr_dom(host) -i www2.example.com
> >> use_backend Server2 if url_web2
> >>
> >> If somebody goes to www1.example.com he enters to the first frontend,
> >> and if somebody goes to www2.example.com he enters to the second
> >> frontend.
> >>
> >> Is this configuration OK or do I have to have any errors???
> >>
> >> Thanks a lot!
> >
