I’d like to set up SSL termination for a log-forwarder but I’m having trouble getting it to work. According to the HAProxy 2.4 documentation, the
ssl bind parameter should work in a
log-forward section but when I connect to it using an SSL client, it just hangs. As a work around I set up a separate listener to do ssl termination and that works but I’d rather avoid the secondary hop. Here’s my config:
global maxconn 1000 defaults timeout client 30s log-forward my-forwarder bind *:3514 bind *:36514 ssl crt /path/to/cert log stdout format rfc5424 local0 listen tls-terminator bind *:9999 ssl crt /path/to/cert timeout connect 10s timeout server 30s server s1 127.0.0.1:3514
I can connect to port 9999 using SSL but connections to port 36514 hang. Do you have any idea what the problem might be?