I have a httpproxy resource listening on port 443 and I have HAProxy pointing to the LoadBalancer IP of Contour with the following configuration: `:443 check ssl verify none`. When I try to curl the url I setup with HAProxy I get a 503 error. When I use the resolve option for curl I’m able to get a 200 response `curl -k https://test.com --resolve test.com:443: -v`. When the HAProxy health check is looking at port 443, the backend shows as down, but if I change the backend to port 80 the backend is up. I’ve confirmed that TLS versions and cipher suites are matched.
Troubleshooting this will be hard without a minimal config sample. Remove the check keyword, you may have configured httpchk without ssl. Just guessing. Do you have access to stats page?
server workload-test-nginx :443 check ssl verify none
I tried removing check and it still didn’t work. The backend shows as down on the status page with these settings, but if I change the check to port 80 the backend shows as up but I still get a 503.