On 1/4/24 10:22 AM, Adriano Barbosa wrote:
Hi!
I'm trying to use relayd with multiple FQDNs mixing remote servers
with and without tls:
relayd -- fqdn1 --> 127.0.0.1 (no tls)
       -- fqdn2 --> x.x.x.x (with tls)
I wrote my relayd.conf like this:
table <fqdn1> { 127.0.0.1 }
table <fqdn2> { x.x.x.x }
http protocol https {
    tls keypair fqdn1
    tls keypair fqdn2
    match request header "Host" value "fqdn1" tag "fqdn1"
    pass request tagged "fqdn1" forward to <fqdn1>
    match request header "Host" value "fqdn2" tag "fqdn2"
    pass request tagged "fqdn2" forward to <fqdn2>
}
relay wwwtls {
    listen on egress port 443 tls
    protocol https
    forward to <fqdn1> port 80
    forward with tls to <fqdn2> port 443
}
With one forward requiring TLS in a relay block, relayd will require TLS
for all forward statements in the relay block.
I have fqdn2 working and fqdn1 giving a "curl: (52) Empty reply from
server".
Removing "with tls" on the second forward, fqdn1 works and fqdn2 gives
a "Client sent an HTTP request to an HTTPS server."
Is it possible to have relayd working in this scenario? What am I
missing here?
Thank you!
--
Adriano
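
The rule stated in the reply can be checked before a config is loaded. The following Python sketch is an added example, not part of the original thread and not relayd's own code: it scans relayd.conf text for relay blocks that mix "forward to" with "forward with tls to". The function names and the regex-based parsing are assumptions for illustration; the sample config is constructed from the relay block in the message.

```python
import re

# Constructed sample: the tables and relay block from the message above.
SAMPLE_CONF = """\
table <fqdn1> { 127.0.0.1 }
table <fqdn2> { x.x.x.x }
relay wwwtls {
    listen on egress port 443 tls
    protocol https
    forward to <fqdn1> port 80
    forward with tls to <fqdn2> port 443
}
"""

# A relay block: "relay <name> {" up to the first line that holds only "}".
RELAY_RE = re.compile(r"^\s*relay\s+(\S+)\s*\{(.*?)^\s*\}", re.M | re.S)
# A forward statement at the start of a line, with or without "with tls".
FORWARD_RE = re.compile(r"^\s*forward\s+(with\s+tls\s+)?to\s+(<[^>]+>|\S+)", re.M)


def strip_comments(text):
    """Drop '#' comments so commented-out forwards are not counted."""
    return re.sub(r"#.*", "", text)


def mixed_tls_relays(conf_text):
    """Return {relay_name: {"tls": [...], "plain": [...]}} for every relay
    block that mixes 'forward with tls to' and plain 'forward to'."""
    findings = {}
    for name, body in RELAY_RE.findall(strip_comments(conf_text)):
        targets = {"tls": [], "plain": []}
        for with_tls, target in FORWARD_RE.findall(body):
            targets["tls" if with_tls else "plain"].append(target)
        if targets["tls"] and targets["plain"]:
            findings[name] = targets
    return findings


if __name__ == "__main__":
    for relay, t in mixed_tls_relays(SAMPLE_CONF).items():
        print(f"relay {relay}: TLS forwards {t['tls']} share a block with "
              f"plain forwards {t['plain']}; per the reply above, relayd "
              f"will require TLS for all of them")
```

A relay that this check flags is one where the plain backend (here 127.0.0.1 port 80) would be contacted with TLS, which matches the "Empty reply from server" symptom reported for fqdn1.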