Simplified ACL for SNI matching

Thoufiq · February 22, 2020, 10:23am

Hi There,

We are doing SNI based routing for multiple domains through our HAProxy LBs. but i need to add few more domains in the same HAproxy clusters.

Is there any easy way to group these domains in a single line acl?

Is it possible to configure like this?

tcp-request content accept if { req_ssl_hello_type 1 }
acl application_5 req_ssl_sni -i example(1-10).haproxy.com

Please help.

lukastribus · February 24, 2020, 11:30am

It’s a normal ACL. You can match it against a file with a list of expressions, you can use regular expressions, etc.

Please read:

Topic		Replies	Views
Https multiple domain routing Help!	6	717	December 3, 2021
Acl path_beg does'nt work with my sni Help!	12	281	October 6, 2023
My SNI routing does not seem to work - is there some option to debug ACL rule? Help!	6	365	January 19, 2024
ACLs not recognizing TCP traffic Help!	3	766	July 10, 2019
SSH into multiple servers based on Domain HOST ACL Help!	2	1662	November 23, 2019