Redirect to https IF cert is present in store

Hi there,

I have an haproxy instance with many certs (100+) and even more so domains pointing to it.

I’d like to redirect as much traffic as possible to HTTPS. However, I don’t wan’t to redirect to HTTPS if a certificate compatible with the given domain is not present.

The certificates are loaded automatically (i.e. giving a folder to haproxy).

So the idea is to redirect to https only if the user comes via HTTP and a cert is present for the given host, something like so:

redirect scheme https if { hdr(Host),ssl_has_with_host } !{ ssl_fc }

where the ssl_has_with_host(host) is a function that returns true if Haproxy contains a certificate that can match against the given host.

Do you know how it could be done ?

Many thanks !

Have external script writing the available hostnames to a file and match it with an ACL.

redirect scheme https if { hdr(Host) -f secureHostNames }