Redirect to https IF cert is present in store

frank · October 28, 2021, 10:23am

Hi there,

I have an haproxy instance with many certs (100+) and even more so domains pointing to it.

I’d like to redirect as much traffic as possible to HTTPS. However, I don’t wan’t to redirect to HTTPS if a certificate compatible with the given domain is not present.

The certificates are loaded automatically (i.e. giving a folder to haproxy).

So the idea is to redirect to https only if the user comes via HTTP and a cert is present for the given host, something like so:

redirect scheme https if { hdr(Host),ssl_has_with_host } !{ ssl_fc }

where the ssl_has_with_host(host) is a function that returns true if Haproxy contains a certificate that can match against the given host.

Do you know how it could be done ?

Many thanks !

lukastribus · October 28, 2021, 4:04pm

Have external script writing the available hostnames to a file and match it with an ACL.

redirect scheme https if { hdr(Host) -f secureHostNames }

Topic		Replies	Views
HAProxy redirect all https requests for different domains to just one domain without having ssl certs for all Help!	5	1658	February 17, 2022
Haproxy http to https redirect host header Help!	4	866	April 25, 2023
Haproxy redirections with ssl Help!	1	873	April 26, 2017
Redirect http to https Help!	1	572	November 8, 2019
SSL Redirect - Chained Proxies via Proxy Protocol Help!	2	485	July 3, 2020

Redirect to https IF cert is present in store

Related topics