0

I have following configuration in /etc/haproxy/haproxy.cfg

> frontend LB
>         bind *:80
>         reqadd X-Forwarded-Proto:\ http
>         default_backend LB
> 
> frontend LBS
>         bind *:443 ssl crt /etc/ssl/xy.pem
>         reqadd X-Forwarded-Proto:\ https
>         default_backend LB
> 
> backend LB *:80
>         redirect scheme https if !{ ssl_fc }
>         mode http
>         stats enable
>         stats hide-version
>         stats uri /stats
>         stats realm Haproxy\ Statistics
>         stats auth xxxx:yyyyyy         
>         balance roundrobin                      
>         option httpchk
>         option  httpclose
>         option forwardfor
>         cookie LB insert
>         server web1-srv xx.xx.xxx.xxx:80 cookie web1-srv check         
>         server web2-srv xx.xx.xxx.xxx:80 cookie web2-srv check

From log i have impression that https requests are not working

[07/Aug/2018:12:35:01.402] LB LB/ 10/-1/-1/-1/10 302 121 - - LRNN 0/0/0/0/3 0/0 "GET / HTTP/1.1"

G aulakh
  • 1
  • 1
  • 1

1 Answers1

1

Your frontend LBS "offloads" the https, and passes a http request to backend LB. Which then redirects to https. As you can see in your log: 302.

BTW, I think you should remove the "*:80" from your backend. The frontend LB is bound to port 80.

Gerard H. Pille
  • 2,569
  • 1
  • 13
  • 11