Enable haproxy CORS support for https

irs · April 25, 2023, 7:53am

Hello

I have no experience in managing and configuring haproxy, but I need to quickly adapt the existing haproxy configuration, which currently looks like this:

frontend rpc-lcd-frontend
bind A.B.C.D:443 ssl crt /etc/ssl/certs/cert.pem
acl rpc ssl_fc_sni service1.domain.com
acl lcd ssl_fc_sni service2.domain.com
acl connector ssl_fc_sni connector.domain.com

use_backend service1.domain.com if rpc
use_backend service2.domain.com if lcd
use_backend connector.domain.com if connector

backend rpc.domain.com
server server1 A.B.C.D:26657

backend lcd.domain.com
server server1 A.B.C.D:1317

backend connector.domain.com
server server1 A.B.C.D:8124

I need to enable CORS support in this configuration, but only for the connector.domain.com domain. At the same time, traffic must be carried out via the HTTPS protocol.
I found many examples of how to enable CORS, but they require the http mode.
How to do this?

lukastribus · April 25, 2023, 8:39am

The use of ssl_fc_sni is wrong here, you need to use hdr(host) instead.

Correct, to modify HTTP headers you need to be in HTTP mode, there is no way around that.

Topic		Replies	Views
Haproxy as reverse HTTPS proxy Help!	13	8105	August 20, 2018
Help with SSL config with 1 root cert but mutiple subdomains listening on port 443 Help!	18	1097	July 17, 2020
Unable to enable CORS in haproxy 1.5 Help!	1	4266	August 30, 2019
[SOLVED] One IP, fistful of domains, pack of subdomains and HAProxy in front of it Help!	12	2956	November 4, 2018
Haproxy for HTTPS as a web proxy to internal lan Help!	2	1474	October 6, 2020

Enable haproxy CORS support for https

Related topics