with first config, the access don’t work .
with second config, the access work.
need to define the difference on first case to implement the right acl.
I tried to use log and extract host and log said that it is the same in both case.
any idea to dig more ?
version Haproxy 1.7.5-2.
My config
frontend https-in
bind xxx.xxx.xxx.xxx:443 ssl crt /etc/haproxy/certs/xxx.xxxx.xx
option logasap
# log the name of the virtual server
capture request header Host len 500
…
log-format "<%CC/%CS><%HM|%HP|%HV|%r>%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%T$
acl letsencrypt-acl path_beg /.well-known/acme-challenge/
acl server1_acl hdr(host) -i server1.mydomain.net
....
default_backend trash_backend
or
_ default_backend server1_backend_
backend letsencrypt-backend
server letsencrypt 127.0.0.1:54321
backend server1_backend
redirect scheme https if !{ ssl_fc }
server server1 xxx.xxx.xxx.xxx:443 ssl verify none
backend trash_backend
http-request deny
Version with default_backend trash_backend
%hr %hs --> server1.mydomain.net:443|50|} {||||}
Version with default_backend server1_backend
%hr %hs --> server1.mydomain.net:443|50|} {nginx||||}