Passing https: to 443 to tomcat:8443

I’m running haproxy 2.8.3 with tomcat9 as a backend server.
How would I have to configure haproxy such that it serves the address:

HAPROXY                       TOMCAT9    ==>

You could do something like this:

frontend www
    mode http
    bind *:443 ssl crt /etc/haproxy/website.pem
    default_backend tomcat9

backend tomcat9
     mode http
     server srv1 ssl
1 Like

Thanks. What does the ssl in the backend section do? Is it necessary?
Or in other words: I just added the ssl specifier and get an error on startup:

Jun  7 10:12:21 mail haproxy[13143]: [ALERT]    (13143) : config : [/etc/haproxy/haproxy.cfg:85] : 'server cmssite/' : verify is enabled by default but no CA file specified. If you're running on a LAN where you're certain to trust the server's certificate, please set an explicit 'verify none' statement on the 'server' line, or use 'ssl-server-verify none' in the global section to disable server-side verifications by default.
Jun  7 10:12:21 mail haproxy[13143]: [ALERT]    (13143) : config : Fatal errors found in configuration.

EDIT: I see, it checks the availability of a certificate on the backend beforehand, at configuration or start time other than later when real traffic would occur.