Hello, I have several web server behind a machine running Haproxy.
traffic from internet to Haproxy machine to web servers on http port
80 works great.
To process SSL traffic, I installed the patched version of stunnel that passes the X-Forwarded-For header , and I forward port 443, to port 80 of the ip Haproxy is using as the front end, it all works great except ...
When clients go to the dns name of the Haproxy machine, they get the ssl "invalid certificate" error in their browser. This is easily overcome by clicking "allow exception" in Firefox, but it's annoying, and also this didn't used to happen before I put Haproxy in the way.
This can't be that uncommon of a problem, but I can't find on the internet anyone complainign about and then solving this problme.
Any ideas about what I should do?
thanks. Received on 2009/08/31 06:44
This archive was generated by hypermail 2.2.0 : 2009/08/31 07:00 CEST