HAProxy community

Only one port for http and https with ssl termination

I want my web application run only on port 4443. So i added this port to my docker container on Haproxy. Now i want to inspect the incoming request and if it is not https, it should redirect to it. Like: http:test.example.com:4443 -> https:test.example.com:4443. This only works if i bind the port without the ssl certificate.

If i bind it like this: bind *:4443 ssl crt /usr/local/etc/ssl/chaparron.ml.pem alpn h2 i get the error “https/1: SSL handshake failure” if i call http:test.example.com:4443 but there is no redirection.

How can i do this?

This is my haproxy.cfg right now

        maxconn 50
        tune.ssl.default-dh-param 2048
        log stdout format raw local0

	    log global
	    mode http
	    timeout tunnel 1h
	    timeout http-request 100s

frontend https
	    mode http
	    bind *:4443 ssl crt /usr/local/etc/ssl/nextcloud.ml.pem alpn h2
	    http-request redirect scheme https code 301 if !{ ssl_fc }
	    default_backend nextcloud
	    timeout client 30s

backend nextcloud
	    mode http
	    timeout connect 20s
	    option http-server-close
	    server app1 app:80
	    timeout server 30s