Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Haproxy SSL
Special Forums UNIX and Linux Applications Haproxy SSL Post 302843383 by timmywong on Tuesday 13th of August 2013 06:00:34 AM
Old 08-13-2013
Haproxy SSL
I have a single SSL eg. www.abc.com.

Im trying to get haproxy to accept any request eg. xyz.com or ijk.com to redirect to https://www.abc.com. Is this possible?


#---------------------------------------------------------------------
# main frontend for XXX which proxys to the backends
#---------------------------------------------------------------------
frontend sslApp443
mode http
bind XXX.XXX.XXX.XXX:80
bind XXX.XXX.XXX.XXX:443 ssl crt /etc/haproxy/certs/mailapplab.crt
option http-server-close
option forwardfor
reqadd X-Forwarded-Proto:\ https
redirect scheme https if !{ ssl_fc }
default_backend AppWebSSL443


#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend AppWebSSL443
mode http
balance roundrobin
option httpchk HEAD / HTTP/1.0
cookie SERVERID insert indirect
server LABAPP01SSL XXX.XXX.XXX.XXX:80 cookie LABAPP1 check inter 2000 rise 2 fall 5
server LABAPP02SSL XXX.XXX.XXX.XXX:80 cookie LABAPP2 check inter 2000 rise 2 fall 5

---------- Post updated at 06:00 PM ---------- Previous update was at 04:08 PM ----------

Its ok.. I managed to figure this out.


acl correctdomain hdr(host) www.abc.com
mode http
bind xxx.xxx.xxx.xxx:80
bind xxx.xxx.xxx.xxx:443 ssl crt /etc/haproxy/certs/mailapplab.crt
redirect location https://www.abc.com if !correctdomain
 

5 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

implicit ssl vs explicit ssl

Can someone explain the difference between the two. Thanks (1 Reply)
Discussion started by: jerardfjay
1 Replies

2. UNIX for Dummies Questions & Answers

to enable POP3(ssl) and SMTP(ssl) in Squid

i have configured Squid proxy server in Fedora 8 with two network interfaces. HTTP, HTTPS, FTP are working fine but we are unable to download mails using mail clients from mail server with POP3(ssl) and SMTP(ssl). so please someone help us how to enable pop and smtp in Squid. (1 Reply)
Discussion started by: praneel2k
1 Replies

3. Web Development

Apache, cgi script run twice when ssl, once when not ssl

I have interesting problem. https:/host/some/x.cgi - this script has run twice when I call this url But http:/host/some/x.cgi work fine, only once. Output is text/plain. If I change output format to the Content-type text/html, then both urls works fine - executed only once. (2 Replies)
Discussion started by: kshji
2 Replies

4. Red Hat

Centos 6.3 HAproxy not logging

I have configured rsyslog (CentOS 6.3) adding the -c 0 -r options and the line local2.* /var/log/haproxy.log and restarted rsyslog but all that happens is an haproxy.log gets created. It is never written to. Not quite sure how to troubleshoot this. Below is my haproxy.cfg file. Nothing else is... (0 Replies)
Discussion started by: glev2005
0 Replies

5. Linux

Apache wildcard ssl on subdomain serves same page for non ssl virtualhosts

Issue observed: I have configured ng.my-site.com using widlcard ssl cert. When I hit https://www.my-site.com it loads ng.my-site.com website! please advise if I missed any concept / configs... Thank you! httpd.conf <VirtualHost *:80> ServerName www.my-site.com ServerAdmin... (0 Replies)
Discussion started by: ashokvpp
0 Replies

LEARN ABOUT MINIX

ssl_new

SSL_new(3SSL)                                                         OpenSSL                                                        SSL_new(3SSL)

NAME

       SSL_new - create a new SSL structure for a connection

SYNOPSIS

        #include <openssl/ssl.h>

        SSL *SSL_new(SSL_CTX *ctx);

DESCRIPTION

       SSL_new() creates a new SSL structure which is needed to hold the data for a TLS/SSL connection. The new structure inherits the settings of
       the underlying context ctx: connection method (SSLv2/v3/TLSv1), options, verification settings, timeout settings.

RETURN VALUES

       The following return values can occur:

       NULL
           The creation of a new SSL structure failed. Check the error stack to find out the reason.

       Pointer to an SSL structure
           The return value points to an allocated SSL structure.

SEE ALSO

       SSL_free(3), SSL_clear(3), SSL_CTX_set_options(3), SSL_get_SSL_CTX(3), ssl(3)

1.0.1e                                                              2013-02-11                                                       SSL_new(3SSL)
All times are GMT -4. The time now is 02:44 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy