HTTP frontend with HTTPS backend


#1

I’m trying to simply get requests to my local ip address on port 80 to be directed to httpbin[dot]org. I’ve tried numerous configurations and all I’m getting from haproxy (version 1.5.19) are 503’s. Can someone tell me if this is possible? All I’m coming up with on my searches are how to force http to https using a redirect which is not what I want to do as I don’t want to put an SSL certificate on the frontend. I want haproxy to forward my http request and encrypt the request to the backend server. I’ve verified I can curl httpbin[dot]org from the same machine with no issue so it’s not a firewall problem and I can see haproxy attempting to make a connection on port 443 to that web server, just not sure what I’m missing.

haproxy.cfg:

global
log /dev/log local2
user haproxy
group haproxy
ssl-server-verify none
spread-checks 3

defaults
maxconn 32
log global
mode http
option httplog
option dontlognull
retries 2
option redispatch
timeout connect 5000
timeout client 10000
timeout server 10000

frontend test-in
bind *:80
default_backend test-out

backend test-out
http-request set-header Host httpbin.org
server test httpbin.org:443 ssl verify none no-sslv3


#2

Could be your backend server requires SNI.

Add sni str(httpbin.org) to your server configuration.