Acl hdr(host) seem to be not working , How to debug?


#1

with first config, the access don’t work .
with second config, the access work.

need to define the difference on first case to implement the right acl.
I tried to use log and extract host and log said that it is the same in both case.
any idea to dig more ?

version Haproxy 1.7.5-2.
My config
frontend https-in
bind xxx.xxx.xxx.xxx:443 ssl crt /etc/haproxy/certs/xxx.xxxx.xx
option logasap
# log the name of the virtual server
capture request header Host len 500

log-format "<%CC/%CS><%HM|%HP|%HV|%r>%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%T$

acl letsencrypt-acl path_beg /.well-known/acme-challenge/
acl server1_acl hdr(host) -i server1.mydomain.net
....
default_backend trash_backend

or
_ default_backend server1_backend_

backend letsencrypt-backend
server letsencrypt 127.0.0.1:54321

backend server1_backend
redirect scheme https if !{ ssl_fc }
server server1 xxx.xxx.xxx.xxx:443 ssl verify none

backend trash_backend
http-request deny

Version with default_backend trash_backend
%hr %hs --> server1.mydomain.net:443|50|} {||||}
Version with default_backend server1_backend
%hr %hs --> server1.mydomain.net:443|50|} {nginx||||}