I have two app servers
172.17.128.94 DP-KKM-prod .domen .com
172.17.128.101 DP-KKM-prod2 .domen .com
and one load balancer server
172.17.128.97 DP-KKM-balance .domen .com
Both app servers are running two IIS applications using Windows Authentication and the HTTPS protocol. The certificate for each server has its own. I only used Haproxy for simple HTTP configurations and here I don’t even understand how to approach this task.
I created config but it doesn’t work
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats timeout 30s
user haproxy
group haproxy
daemon
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend http_front
bind *:8080
stats uri /haproxy?stats
frontend kkm_web_front
bind *:80 name DP-KKM-balance
mode http
option http-keep-alive
timeout client 30s
default_backend kkm_web_back
backend kkm_web_back
mode http
balance roundrobin
option http-keep-alive
option prefer-last-server
timeout server 30s
timeout connect 4s
server static app1 DP-KKM-prod:443 check
server static app2 DP-KKM-prod2:443 check
Are Windows Authentication and NTLM different or the same thing?
Is it possible to proxy these applications at all?
If yes, then maybe someone has a ready-made config file that can be taken as a basis?