Hi, I’m a newbie to HAProxy
We are running HA-Proxy version 1.5.18
We have an application that uses multiple backend services running on different ports; this app is configured with port 443 on the frontend, and we want to free up 443 for use with another new application. The new application does not need to be proxied through HAProxy, but we are open to options at this stage.
How can we change the config to handle this? I’ve pasted our configs below.
PS: We’ve already tried changing the port in frontend-main.cfg to 8443 but that doesn’t work. Error snapshot shown below. Internal redirection between the services was not working; seems the backend services assume port 443 when communicating with each other. Is there a way to force 8443 by using http-request/http-response elements or something else? Thanks.
This is our frontend config…
frontend-main.cfg
frontend main
bind *:443 v4v6 ssl no-sslv3 force-tlsv12 crt /etc/haproxy/tls/haproxy.all.pem
redirect scheme https if !{ ssl_fc }
http-response set-header X-Frame-Options SAMEORIGIN
use_backend backend_%[path,map_beg(/etc/haproxy/backends.map,notfound)]
These are some of our backend configurations attached to the app…
backend-authentication.cfg
backend backend_authentication
server service_authentication < host name here >:8101 check ssl verify none
http-response set-header Strict-Transport-Security “max-age=16000000;\ includeSubDomains;\ preload;”
backend-dashboard.cfg
backend backend_dashboard
server service_dashboard < host name here >:8106 check ssl verify none
http-response set-header Strict-Transport-Security “max-age=16000000;\ includeSubDomains;\ preload;”
backend-workflow.cfg
backend backend_workflow
server service_workflow < host name here >:8104 check ssl verify none
http-response set-header Strict-Transport-Security “max-age=16000000;\ includeSubDomains;\ preload;”
backend-notfound.cfg
backend backend_notfound
http-request redirect location /dashboard/