Hi,
I try to do the following:
- incoming http request on IP1 on port 5090 is redirected to become https on IP1
- content is delivered from backend server with IP2 via htttp
HAProxy is running on IP1 and apache is running on IP2, configured for http listening on port 5090.
My HAProxy looks like:
global
log /dev/log local0 debug
#chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
stats socket /var/lib/haproxy/stats
ssl-default-bind-ciphers PROFILE=SYSTEM
ssl-default-server-ciphers PROFILE=SYSTEM
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend main
mode http
bind *:5090
http-request redirect scheme https code 302
frontend main2
bind *:443 ssl crt /etc/certs/cert.pem
default_backend my-backend
backend my-backend
mode http
server server1 <IP2>:5090
However, that doesn’t work as I hoped. What happens is that an incoming http request on port 5090 is changed to become https, but the port 5090 stays in the URL, e.g.
http://:5090/path/to/index becomes https://:5090/path/to/index
which then of course does not work and results in:
main main/ -1/-1/-1/-1/0 400 0 - - PR-- 1/1/0/0/0 0/0 “”
When I remove the redirect in “frontend main” and let it stay plain http, then the content is delivered from “my-backend”.
How do I need to change the frontend part to have incoming http requests on port 5090 changed to https (port 443) and then have content delivered from the http endpoint on IP2?
I already tried different redirect codes, but always with the same result.