Configuring HAProxy to act as a forward proxy in TCP mode

Hi,

I need to set up a proxy server that will be used by multiple clients in my network. The clients will send their internet requests through this proxy. The requirement for the proxy is that it should not be able to terminate the SSL connection or decrypt the message content. It simply needs to forward the encrypted traffic without needing to inspect the message.

I’m using the Server Name Indication (SNI) to determine which backend server to route the requests to. However, I’m facing an issue with some of my clients that use the Java Apache Client. When these clients send a request through a proxy, they first send a CONNECT request. In my case, this CONNECT request is reaching the backend servers, which should not be happening.

How can I configure HAProxy to only forward the SSL connection to the backend servers, and not the CONNECT request? I need HAProxy to handle the CONNECT request without passing it along to the backend.

Please use a proper forward proxy for this; HAProxy is the wrong tool for the job.

Tinyproxy can do this, for example.
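
As an added illustration of the reply above (not part of the original thread), a minimal Tinyproxy configuration for this use case: Tinyproxy answers the client's CONNECT itself and then relays the TLS bytes unmodified, so it never terminates or decrypts the session. The listening port and the client network `192.168.0.0/16` are assumed placeholder values, and the file usually lives at `/etc/tinyproxy/tinyproxy.conf`.

```conf
# Added example; port and client network are assumptions, adjust to your site.

# Port the clients point their proxy setting at
Port 8888

# Drop idle tunnels after 10 minutes
Timeout 600
MaxClients 100

# Accept requests only from the internal client network.
# Without Allow lines every host that can reach the port may use the proxy.
Allow 127.0.0.1
Allow 192.168.0.0/16

# Permit CONNECT tunnels to TLS port 443 only.
# With no ConnectPort line, CONNECT to any port is allowed.
ConnectPort 443

# Log each connection (client and CONNECT target) without Info-level noise
Syslog On
LogLevel Connect
```

The Java Apache client is then pointed at this host and port as its HTTPS proxy; the backend servers only ever see the TLS handshake, not the CONNECT request.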