Hi everyone,
I’m desperately looking to solve the following problem, but was not able to find the solution on the internet. I was told by someone it should be possible to resolve, but no further hints have been given. That’s where you HAProxy Pros (hopefully) come into play
In case you can help me or point me to the right direction, please also let me know which HAProxy version I need to have in place to make it work.
CURRENT SITUATION
- I only have one public IP address
- Got multiple backend servers
- All backend services shall be made publicly available on Port 443
- Based on the backend’s capabilities, I’m forced to SSL offload or passthrough
DESIRED OUTCOME
- With the help of SNI, I want to define when an incoming traffic/request is SSL offloaded or SSL passthrough.
EXAMPLE
- A.website.com Port 443 --> SSL offloading / termination to backend Server A on Port 80
- B.website.com Port 443 --> SSL offloading / termination to backend Server B on Port 80
- C.website.com Port 443 --> SSL passthrough to backend Server C on Port 443
- D.website.com Port 443 --> SSL passthrough to backend Server D on Port 443
If you could provide me a simple HAProxy config with some details, which is able to achieve the outlined desired scenario, I would be greatly thankful.
Thanks in advance for your support,
Sascha