ronenu
1
Hi All 
i am trying to configure HAproxy for SSL Termination
the Backend is an Umbraco IIS website who redirect all traffic to HTTPS
when i Browsing through the HAproxy i receive " ERR_TOO_MANY_REDIRECTS "
there is a Loop redirecting to HTTPS
if the backend is a "Regular site " who does not have a built in HTTPS redirection
then it is working fine ( i can browse both HTTP and HTTPS )
how can i solve this ?
here is my backend config
backend backend_contoso.com
balance leastconn
option httpchk HEAD / HTTP/1.1\r\nHost:\ contoso.com
option forwardfor
option redispatch
option log-health-checks
default-server inter 5s fall 3 rise 5
http-check expect rstatus (2|3)[0-9][0-9]
http-request set-header X-Forwarded-Port %[dst_port]
cookie SERVERUSED indirect nocache insert
http-request redirect scheme https unless { ssl_fc }
server iis2 192.168.1.85:80 maxconn 10000 check cookie iis1
Thank you.
Disable redirection on the backend or figure out a way to tell your backend when the request is already done via HTTPS.
X-Forwarded-Port or X-Forwarded-Proto are ways to do that. But your backend needs to support it.
ronenu
3
HI , Can you show me an example how to do that ?
You are already doing:
http-request set-header X-Forwarded-Port %[dst_port]
You can add:
http-request set-header X-Forwarded-Proto %[ssl_fc,iif(https,http)]
Again your backend needs to support it.
ronenu
5
so i added this line
http-request set-header X-Forwarded-Proto %[ssl_fc,iif(https,http)]
but the same thing i am still getting “ERR_TOO_MANY_REDIRECTS”
Which is why I said your backend needs to actually support it, or you need to disable the redirect at the backend.
ronenu
7
the backend is Windows 2016 IIS server
does it support it ?
The operating systems and webserver is irrelevant.
The backend application is relevant.