Ok .. I may be doing this all wrong ... here's what I want to accomplish
2 haproxy servers (for no single point of failure) - using dns round-robin
Have the proxies' route http and https requests to multiple backend web
servers using round-robin or source since it's probably best not to switch
servers in the middle of a session
Have the SSL cert on the 2 proxies so we don't have to have multiple certificates for web servers or a wild card for the certificate
On FC4 I had this working with stunnel and haproxy ... or I thought I did. But I can not get this to work now. All https requests are changed to http.
After reading again, I'm beginning to think that what I was doing with stunnel and haproxy is not really what I need; but I'm so confused now I'm not sure.
Can anyone offer any guidance and suggestions? This is all still rather new to me and I think I'm just making this way more complicated than it is.
From: Willy Tarreau [mailto:w#1wt.eu]
Sent: Monday, March 17, 2008 1:47 PM
To: Jill Rochelle
Subject: Re: FC8 - Stunnel - HAProxy
On Mon, Mar 17, 2008 at 12:10:58PM -0400, Jill Rochelle wrote:
> Has anyone been able to get Fedora Core 8, Stunnel 4.20 and HAProxy 1.2.17
> to work together?
> I'm having a problem where as it doesn't appear that it's forwarding https
> although it asks to accept the self sign certificate. It remains http
> instead of https in the URL.
> Any ideas? (I did apply the patches from HAProxy site for Stunnel)
in the stunnel configuration, I'm used to add this :
TIMEOUTconnect = 5
TIMEOUTbusy = 25
TIMEOUTidle = 25
and this in the https section :
client = no
Hoping this helps,
Willy Received on 2008/03/18 18:20
This archive was generated by hypermail 2.2.0 : 2008/03/18 18:30 CET