Error: failed to parse log-format : format variable 'Tq' is reserved for HTTP mode

ralf · March 2, 2018, 11:28am

Hi Everyone,

I’ve got a working setup where haproxy 1.8.3 successfully balances HTTP traffic. I now want to add TLS / SSL. The result should be, that HTTP and HTTPS work in parallel.

When adding a frontend section for SSL, the configuration fails with:

Parsing [/etc/haproxy/haproxy.cfg.new:27]: failed to parse log-format : format variable 'Tq' is reserved for HTTP mode.

I do have a log-format statement in the defaults:

log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %rc\ %hr\ %hs\ %rt\ %{+Q}r\ %sslc\ %sslv\ body:%[capture.req.hdr(0)]

How can I configured HTTP and HTTPS to work in tandem and keep the log format for HTTP connections?

lukastribus · March 2, 2018, 11:32am

Even if you use HTTPS, the frontend still needs to be in mode http.

ralf · March 2, 2018, 11:35am

Thanks! Adding mode http to the TLS frontend section resolved the error. Follow-up question: I basically want all of the health checks etc. which I’ve got in place for HTTP to be the same for HTTPS. Do I have to repeat the config directives from the HTTP section or is there any way to “combine” both sections, e.g. have one config for HTTP and HTTPS?

lukastribus · March 2, 2018, 11:38am

None of this is necessary, you don’t even need a new frontend:

Just add a new bind line for ssl:

frontend blabla
 bind :80
+ bind :443 ssl crt /path/to/certificate.pem
 default_backend backendbla

Topic		Replies	Views
Logging formats for errors Help!	0	829	August 3, 2018
Log-format for failed TLS Help!	1	626	April 6, 2021
Question regarding custom log formats Help!	2	656	July 13, 2018
What setting in my default prevents setting "log-format" Help!	0	737	July 2, 2021
Create two logs with different formats Help!	0	339	May 22, 2023

Error: failed to parse log-format : format variable 'Tq' is reserved for HTTP mode

Related topics