Hello all!
i’m need help regards this configuration that i have started and before complete it.
I need to realize the follow situation:
I have multiple internal server that can listen only in clear (http and snmp).
While, from external to internal i need to expose TLS then redirect internal in clear.
Last but not least, internal server sometime act as a Servers and sometime as client.
When act as server, no problem i found with my initial configuration (i expose an example port with ssl cert in haproxy).
But I geuss, if the following one is correct when my server start as a client, and i need to realize this flow:
(internal server) — http – HAProxy – https - external:
…
frontend intern_http
bind 127.0.0.1:8000
http-request redirect scheme https unless !{ ssl_fc }
default_backend ext_https
ext_https
backend external_https
server target_1 <target_https>:6601 check inter 5s fall 3 rise 1
With this configuration when:
- I act like a client, the send an curl in http at 127.0.0.1:8000, it doesn’t work.
- I act like a client, then send an curl in https at 127.0.0.1:8000 it works:
<target_https> is my custom server that listen in https
My doubt is regards target point at client level …it is correct to point in https or I had to point in http then haproxy has to redirect in https? (even if my initial answers and configuration it’s correct for my scope)
Thx to all!