HAProxy community

HAProxy SSL Termination with differents ports, it's possible?


First, overview architecture:

—> https —> Apache --> https:7145 --> Balance (Haproxy):7145 --> backend:7145 (tomcat https).

  1. The connection https incoming in apache:
    ProxyPass /token https://balance:7145/token smax=5 max=10 ttl=120 retry=300
    ProxyPassReverse /token https://balance:7145/token

  2. haproxy conf

frontend https
bind ssl crt /etc/httpd/certificados/apiqlt/apiqlt.ogmaster.local.pem ( contains a cert for all the domains you want to host, or a wildcard cert that covers them)
mode http
default_backend server_https

backend server_https

redirect scheme https if !{ ssl_fc }

    mode http
    server server1 check
  1. The problem is that https is in different port and encrypts who is apache
  2. Like the haproxy made only brige the https connection, it’s possible ? with diffents ports https ?
  3. I tested with tcp mode without success for ssl backends