I just can’t to figure it out !
I want to listen at 443 port (frontend), use SSL offloading and use a Backend server that is outside of our LAN (In Internet) and connect on 443 port with SSL connection as well.
But whatever I try I am getting “503 Service Unavailable”
Btw I test accessing the IP, not the hostname
This is my haproxy.cfg
Automaticaly generated, dont edit manually.
Generated on: 2019-07-17 15:30
global
maxconn 10000
stats socket /tmp/haproxy.socket level admin
uid 80
gid 80
nbproc 1
hard-stop-after 15m
chroot /tmp/haproxy_chroot
daemon
tune.ssl.default-dh-param 2048
server-state-file /tmp/haproxy_server_state
listen HAProxyLocalStats
bind 127.0.0.1:2200 name localstats
mode http
stats enable
stats admin if TRUE
stats show-legends
stats uri /haproxy/haproxy_stats.php?haproxystats=1
timeout client 5000
timeout connect 5000
timeout server 5000
resolvers globalresolvers
nameserver Google 8.8.8.8:53
resolve_retries 3
timeout retry 1s
hold valid 10s
frontend WAN_HTTPS
bind 94.100.100.135:443 name 94.100.100.135:443 ssl crt-list /var/etc/haproxy/WAN_HTTPS.crt_list
mode http
log global
option http-keep-alive
timeout client 30000
acl aclcrt_WAN_HTTPS var(txn.txnhost) -m reg -i ^seznam.cz.cz(:([0-9]){1,5})?
acl aclcrt_WAN_HTTPS var(txn.txnhost) -m reg -i ^www\.seznam\.cz(:([0-9]){1,5})?
http-request set-var(txn.txnhost) hdr(host)
use_backend Proxy-old_ipvANY if aclcrt_WAN_HTTPS
backend Proxy-old_ipvANY
mode http
id 103
log global
timeout connect 30000
timeout server 30000
retries 3
option httpchk OPTIONS /
server SERVER1 77.75.74.172:443 id 105 ssl check inter 1000 weight 1 verify none resolvers globalresolvers