Hi,
I have this scenario:
client --> HAProxy (cert FQDN: adfs.com) --> ADFS (cert FQDN: adfs.int)
So in the client browser they will type https://adfs.com/adfs/ls/idpinitiatedsignon.aspx and be redirected to ADFS with a cert of FQDN adfs.int.
My current configuration below does not work. I’m getting the error “503 Service Unavailable” if I type in https://adfs.com, but it works if I use https://adfs.int.
Any suggestions?
Thank you.
frontend adfsfe
    bind *:443 ssl crt adfs.com.pem
    mode http
    default_backend adfsbe

backend adfsbe
    mode http
    balance roundrobin
    http-check expect string Sign\ in
    reqadd X-Forwarded-Proto:\ https if { ssl_fc }
    server adfs1 10.0.2.27:443 ssl verify none sni ssl_fc_sni inter 3s rise 2 fall 3