问题
I have haproxy v1.5.4 working with http & https. I am binding *:80 & :*443 to the same frontend and using the same acls.
I want to create an http -> https redirect
frontend http-in
bind *:80
bind *:443 ssl crt /etc/pki/tls/certs/...
...
acl is_office path_beg /office
http-request redirect scheme https if !{ ssl_fc } is_office
use_backend office if is_office
This causes
10.XXXXX:36909 [16/Dec/2015:17:23:07.678] http-in/2: SSL handshake failure
when I access over http (expecting the redirect)
If I access via https then it correctly hits the backend and proxies through to the service over 443.
backend office
balance roundrobin
server backbone-daily 10.XXXXXX:443 ssl check verify none
The self-signed cert validates and works without the redirect. It feels like i'm missing something in the redirect stage.
Any help much appreciated
来源:https://stackoverflow.com/questions/34318597/haproxy-ssl-redirect-handshake-failure