Moving SSL termination from web server to HAProxy - L7 Timeout


#1

Hi,

I’m sure it’s something that I am overseeing.

I am moving from my web servers (apache/httpd) handling ssl termination, and instead handling ssl termination on the HAProxy instance instead. I already have the same setup for a different site of mine with HAProxy, but with nginx as my web server, and that works perfectly. I’ve copied the working config, but switched out the ip/addresses but to no avail.

Here’s my config:
https://hastebin.com/oxademeqar.pl

Here’s my status page:
https://imgur.com/5xIQXsT

I have disabled the http -> https redirect on my web server, and instead just have a standalone vhost (I can post here if needed).

Any advice would be much, much appreciated!


#2

Your health check fails with L7TOUT, meaning a layer 7 timeout.

Make sure your backend server responds to the healthcheck request coming from haproxy. Maybe tcpdump and checkout what happens at layer 7, and chechkout backend logs.