Hello,
I have san certificate in FE with alpn h2,http/1.1 and i want to select backend based on fqdn (host) because i can’t use sni, i tried but it’s not working.
with curl -Lv --http2 it’s working but not with browser.
The first request allow to access backend and backend give me a location (302), i follow the request with the location url but i have 503.
What is the best way to configure with h2 and alpn if i have san certificate.
my haproxy version 2.8.0.
I use alpn so hdr(host) but i have a 503 with browsers (firefox,chrome…) but not with curl.
–FE default config (so alpn h2 http/1.1)
----BE1 h2 (302 - redirect client to BE2)
----BE2 without h2
If i access directly to BE2 through FE it’s working or if i wait a bit after 503 and i refresh the page i access BE2.
i don’t know why but i’m checking headers and others parameters.
Could you tell me what is the difference between http.req.ver and [ssl_fc_alpn] ?
in my log i have /%[ssl_fc_alpn]–%[capture.req.ver]/
and i have /h2–HTTP/1.1/
I use alpn so hdr(host) means that I use hdr(host) content to select backend
I don’t know why I can’t connect, the selected backend is ok with hdr(host) I can see it in the log.
Now I compare the headers with curl and with browser, I will come back to let you know.