I have gotten things to work using mode tcp rather than http. However, sometimes one site gets a security error when it gets the incorrect cert. Why does one site get the incorrect cert? is haproxy sending a request to the other server first? how is this possible?
Automaticaly generated, dont edit manually.
Generated on: 2020-07-25 00:06
global
maxconn 1000
stats socket /tmp/haproxy.socket level admin expose-fd listeners
uid 80
gid 80
nbproc 1
nbthread 1
hard-stop-after 15m
chroot /tmp/haproxy_chroot
daemon
tune.ssl.default-dh-param 2048
server-state-file /tmp/haproxy_server_state
ssl-server-verify none
listen HAProxyLocalStats
bind 127.0.0.1:2200 name localstats
mode http
stats enable
stats refresh 10
stats admin if TRUE
stats show-legends
stats uri /haproxy/haproxy_stats.php?haproxystats=1
timeout client 5000
timeout connect 5000
timeout server 5000
frontend mainTLS
bind xx.xx.xx.xx:443 name xx.xx.xx.xx:443
mode tcp
log global
timeout client 30000
default_backend DebianServer_ipvANY
frontend http-to-https
bind xx.xx.xx.xx:80 name xx.xx.xx.xx:80
mode http
log global
option http-keep-alive
timeout client 30000
http-request redirect scheme https
backend DebianServer_ipvANY
mode tcp
id 100
log global
timeout connect 30000
timeout server 30000
retries 3
server DebianServer 192.168.1.249:443 id 101 check inter 1000
server CorCloud 192.168.1.246:443 id 103 check inter 1000