Hi all,
I have a very weird problem and need your help if you have any idea !
here is my very simple setup
...
frontend www_https
bind 169.54.85.244:443 ssl crt
/etc/pki/tls/certs/www.domain1.com.pem
bind 169.54.85.249:443 ssl crt
/etc/pki/tls/certs/www.domain1.com.pem
http-request set-header X-Forwarded-Proto https
use_backend wcweb if url_bm-full
frontend www_soap
bind 169.54.85.244:8000 ssl crt
/etc/pki/tls/certs/star.domain2.ca.pem
bind 169.54.85.249:8000 ssl crt
/etc/pki/tls/certs/star.domain2.ca.pem
acl wc_soap_port dst_port 8000
use_backend wcsoap if wc_soap_port
When ever I connect on the 8000 port I get the correct cert 75 % of the time
the rest I’m getting the other certs that should only be on port 443
Here is how I get the certificate ?
echo|openssl s_client -connect sphsoap100.bmtc.ca:8000 |openssl x509 -text
-noout 2>&1| grep www.domain1.com
I try with haproxy 1.5.14 ( haproxy-1.5.14-1.el6.src.rpm) and haproxy 1.5.4
(haproxy-1.5.4-2.el6_7.1.src.rpm)
If I try with openssl on port 443 I always get the correct cert which is the
first one but for the second one I have less luck ;-(
Any info from you would be great.
Guillaume
---
Guillaume Bourque, B.Sc.,
