Hello,
I have haproxy with SSL termination config.
frontend http-in
log global
maxconn 50000
timeout http-request 5s
option forwardfor
bind x.x.x.x:80
reqadd X-Forwarded-Proto:\ http
mode http
redirect scheme https code 301
frontend secure-s
log global
mode http
maxconn 50000
option http-server-close
bind x.x.x.x:443 name seapps ssl crt /usr/local/ssl/wc/nwc_rn.pem crt /usr/local/ssl/wc/fullchain.pem alpn h2,http/1.1
acl hsts_exists res.hdr_cnt(Strict-Transport-Security) gt 0
http-response add-header Strict-Transport-Security max-age=31536000;\ includeSubDomains if ! hsts_exists
rspadd Content-Security-Policy:\ upgrade-insecure-requests
reqadd X-Forwarded-Proto:\ https
redirect scheme https code 301 if !{ ssl_fc }
default_backend apps
backend apps
option forwardfor
option http-server-close
option tcp-smart-connect
cookie SERVERID insert
server ap1 192.168.1.10:80 maxconn 1000 cookie 1 check
server ap2 192.168.1.11:80 maxconn 1000 cookie 2 check
On Apache server
<VirtualHost *:80>
ServerName sd.example.com
DocumentRoot /html/static
RewriteEngine on
#remove slash
RewriteRule ^/search-(.*?)-products\/$ /search-$1-products [R=301,L]
...
...
</VirtualHost>
Now, When I hit
$curl -I https://sd.example.com/search-hr-ele-equip-products/
HTTP/1.1 301 Moved Permanently
Date: Mon, 21 May 2018 06:44:17 GMT
Server: Apache
Location: http://sd.example.com/search-hr-ele-equip-products
Content-Type: text/html; charset=iso-8859-1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: upgrade-insecure-requests
Set-Cookie: SERVERID=1; path=/
Location: http://sd.example.com/search-hr-ele-equip-products -----> Again get to https with 301 -I need to eliminate this. Please advise - if I need to add some rules in Apache ?