Only HTTPS 502,521 error


#1

Hello guys,
I’am trying to setup haproxy on Ubuntu 16.04 Haproxy 1.7v with ssl only.I have A record in cloudflare to ip where is loadbalancer.Check my haproxy.cfg

global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
maxconn 5000
tune.ssl.default-dh-param 2048

    # Default SSL material locations
    ca-base /etc/ssl/certs
    crt-base /etc/ssl/private

    # Default ciphers to use on SSL-enabled listening sockets.
    # For more information, see ciphers(1SSL). This list is from:
    #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
    # An alternative list with additional directives can be obtained from
    #  https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
    ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
    ssl-default-bind-options no-sslv3

defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
stats enable
stats hide-version
stats uri /stats
stats realm Haproxy\ Statistics
stats auth admin:123$
stats refresh 5s

frontend UP-Proxy
bind *:443 ssl crt /etc/haproxy/cert/server.pem

acl site_dead nbsrv(LoadBalancer) lt 1
tcp-request connection reject if site_dead
monitor-uri /haproxy?monitor

default_backend LoadBalancer
backend LoadBalancer
balance roundrobin
option redispatch 1
cookie SERVERID insert indirect nocache

server up130 10.x.xxx.xx:80 cookie 130 check fall 3 rise 2
server up153 10.x.xxx.xx:80 cookie 153 check fall 3 rise 2

When i try to request site cloudflare throw 521 or 502 (Bad gateway) Please Help :frowning: