RE: FC8 - Stunnel - HAProxy

Ok .. I may be doing this all wrong ... here's what I want to accomplish

2 haproxy servers (for no single point of failure) - using dns round-robin   Have the proxies' route http and https requests to multiple backend web servers using round-robin or source since it's probably best not to switch servers in the middle of a session
  Have the SSL cert on the 2 proxies so we don't have to have multiple certificates for web servers or a wild card for the certificate

On FC4 I had this working with stunnel and haproxy ... or I thought I did. But I can not get this to work now. All https requests are changed to http.

After reading again, I'm beginning to think that what I was doing with stunnel and haproxy is not really what I need; but I'm so confused now I'm not sure.

Can anyone offer any guidance and suggestions? This is all still rather new to me and I think I'm just making this way more complicated than it is.

Thanks,
Jill

-----Original Message-----
From: Willy Tarreau [mailto:w#1wt.eu]
Sent: Monday, March 17, 2008 1:47 PM
To: Jill Rochelle
Cc: haproxy#formilux.org
Subject: Re: FC8 - Stunnel - HAProxy

On Mon, Mar 17, 2008 at 12:10:58PM -0400, Jill Rochelle wrote:
> Has anyone been able to get Fedora Core 8, Stunnel 4.20 and HAProxy 1.2.17
> to work together?
>
> I'm having a problem where as it doesn't appear that it's forwarding https
> although it asks to accept the self sign certificate. It remains http
> instead of https in the URL.
>
> Any ideas? (I did apply the patches from HAProxy site for Stunnel)

in the stunnel configuration, I'm used to add this :

TIMEOUTconnect = 5
TIMEOUTbusy = 25
TIMEOUTidle = 25

and this in the https section :

client = no

Hoping this helps,
Willy Received on 2008/03/18 18:20