Hello guys,
I’am trying to setup haproxy on Ubuntu 16.04 Haproxy 1.7v with ssl only.I have A record in cloudflare to ip where is loadbalancer.Check my haproxy.cfg
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
maxconn 5000
tune.ssl.default-dh-param 2048
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# Default ciphers to use on SSL-enabled listening sockets.
# For more information, see ciphers(1SSL). This list is from:
# https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
# An alternative list with additional directives can be obtained from
# https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
stats enable
stats hide-version
stats uri /stats
stats realm Haproxy\ Statistics
stats auth admin:123$
stats refresh 5s
frontend UP-Proxy
bind *:443 ssl crt /etc/haproxy/cert/server.pem
acl site_dead nbsrv(LoadBalancer) lt 1
tcp-request connection reject if site_dead
monitor-uri /haproxy?monitor
default_backend LoadBalancer
backend LoadBalancer
balance roundrobin
option redispatch 1
cookie SERVERID insert indirect nocache
server up130 10.x.xxx.xx:80 cookie 130 check fall 3 rise 2
server up153 10.x.xxx.xx:80 cookie 153 check fall 3 rise 2
When i try to request site cloudflare throw 521 or 502 (Bad gateway) Please Help 