Hello everyone, I’m having trouble with an issue: I have a Haproxy plugin (opnsense) and a backend web server (IIS). I already have the certificate inserted in opnsense, and the server is up and running, but I’m having problems when the user accesses http://myaddress. The browser closes the connection and doesn’t convert it to https://myaddress.
I need help if anyone can clarify this for me.
configuration file follows:
Automatically generated configuration.
Do not edit this file manually.
global
uid 80
gid 80
chroot /var/haproxy
daemon
stats socket /var/run/haproxy.socket group proxy mode 775 level admin
nbthread 1
hard-stop-after 60s
no strict-limits
httpclient.resolvers.prefer ipv4
tune.ssl.default-dh-param 2048
spread-checks 2
tune.bufsize 16384
tune.lua.maxmem 0
log /var/run/log local0 info
lua-prepend-path /tmp/haproxy/lua/?.lua
defaults
log global
option redispatch -1
timeout client 30s
timeout connect 30s
timeout server 30s
retries 3
default-server init-addr last,libc
autogenerated entries for ACLs
autogenerated entries for config in backends/frontends
autogenerated entries for stats
Frontend (DISABLED): Srv_Web_Service (SrvWeb)
Frontend: Srv_Web_Service (SrvWeb)
frontend Srv_Web_Service
bind 0.0.0.0:8185 name 0.0.0.0:8185 ssl alpn h2,http/1.1 crt-list /tmp/haproxy/ssl/6908e50340fb77.68318989.certlist
mode http
option http-keep-alive
default_backend Backend_WebDisnorte
# logging options
# ACL: is_http
acl acl_6906211d2ad8d4.02520306 ssl_fc
# ACTION: HTTP_Redirect_to_HTTPS_8185
http-request redirect scheme https code 301 if !acl_6906211d2ad8d4.02520306
# WARNING: pass through options below this line
no option http-ignore-probes
Backend: Backend_WebDisnorte (BackendWEB)
backend Backend_WebDisnorte
health checking is DISABLED
mode http
balance source
stickiness
stick-table type ip size 50k expire 30m
stick on src
http-reuse safe
server SrvWebDinorte 192.168.0.65:80