Haproxy serving wrong SSL certificate for a subdomain


#1

I have a Server that runs haproxy to redirect incoming traffic to the correct process based on the subdomain. haproxy is configured to use different SSL certificates depending on the subdomain.

The configuration works, however sometimes (quite often though), haproxy serves the wrong certificate (it serves the certificate of another subdomain). I have to refresh the page multiple times in order to get the correct one.

I don’t know if it’s more probable, but it looks like haproxy is not getting the correct subdomain in the request

Here is my haproxy configuration: http://pastebin.com/WZhd2e52


#2

I assume wiki.xxx and files.xxx.com are the same IP. This cannot work, the kernel is load-balancing between the 2 frontends.

If you have 1 IP with port 443, you need to use a single frontend.


#3

Indeed they use the same Ip, I fixed it by using one frontend like you said and using sni for using the correct backend.
Thanks!