Moving SSL termination from web server to HAProxy - L7 Timeout

kingsloi · July 17, 2018, 11:29am

Hi,

I’m sure it’s something that I am overseeing.

I am moving from my web servers (apache/httpd) handling ssl termination, and instead handling ssl termination on the HAProxy instance instead. I already have the same setup for a different site of mine with HAProxy, but with nginx as my web server, and that works perfectly. I’ve copied the working config, but switched out the ip/addresses but to no avail.

Here’s my config:
https://hastebin.com/oxademeqar.pl

Here’s my status page:
https://imgur.com/5xIQXsT

I have disabled the http -> https redirect on my web server, and instead just have a standalone vhost (I can post here if needed).

Any advice would be much, much appreciated!

lukastribus · July 17, 2018, 11:52am

Your health check fails with L7TOUT, meaning a layer 7 timeout.

Make sure your backend server responds to the healthcheck request coming from haproxy. Maybe tcpdump and checkout what happens at layer 7, and chechkout backend logs.

Topic		Replies	Views
Http health check with SSL backend Help!	1	5614	October 6, 2016
A proper way to do SSL health check? Help!	9	10576	January 22, 2021
SSL termination, listening but not working Help!	1	1986	July 11, 2017
Why does health checking break my TCP proxy Help!	1	4402	June 6, 2016
Haproxy health check on https backend strange results Help!	0	260	March 31, 2022

Moving SSL termination from web server to HAProxy - L7 Timeout

Related Topics