You're speaking plain HTTP to an SSL-enabled server port
-
@viragomann said in You're speaking plain HTTP to an SSL-enabled server port:
@tomasenskede
Not clear, why you have set up two backends, one to port 80 and one with 443.
However, if the backend server is accessed on port 443, it would expect an SSL-request using HTTPS.
To enable it in the HAproxy backend, check "Encrypt(SSL)".I don’t have two backends, I just tested with two different setting, port 80 and 443 with same result… but not at the same time.
-
@tomasenskede
Is the backend even accessible via http on port 80, or does it redirect any access to https?As mentioned above, when using port 443 you need to access it via https, so "Encrypt(SSL)" must be checked, and the server has to provide an SSL certificate.
-
@viragomann said in You're speaking plain HTTP to an SSL-enabled server port:
@tomasenskede
Is the backend even accessible via http on port 80, or does it redirect any access to https?As mentioned above, when using port 443 you need to access it via https, so "Encrypt(SSL)" must be checked, and the server has to provide an SSL certificate.
then I get this:
I can access https://192.168.1.24/ from my internal network with an cert-warning but still working
-
@tomasenskede
So maybe there is a mistake in your frontend configuration. Can you post its settings, please? -
@viragomann said in You're speaking plain HTTP to an SSL-enabled server port:
@tomasenskede
So maybe there is a mistake in your frontend configuration. Can you post its settings, please?Access Control lists
Actions
Backend
-
@tomasenskede
These view snips are sadly not really helpful to get closer to the issue. -
@viragomann said in You're speaking plain HTTP to an SSL-enabled server port:
hese view snips are sadly not really helpful to get closer to the issue.
hmm... I'm eager to make this working. I'm happy to provide more information. What else do you need to help me? Thanks in advance!
-
@tomasenskede said in You're speaking plain HTTP to an SSL-enabled server port:
@viragomann said in You're speaking plain HTTP to an SSL-enabled server port:
hese view snips are sadly not really helpful to get closer to the issue.
hmm... I'm eager to make this working. I'm happy to provide more information. What else do you need to help me? Thanks in advance!
Got it WORKING... reboot of pfSense resolved the issue...
-
Wow. I have to state that I had the same problem (the "Encrypt(SSL)" option was totally ignored), but everything works after reboot.
-
@melnyk I know wright. I absolutely spent 2 hours with the HA config before I found this thread. wtf. Thanks @tomasenskede ... 100%, a reboot on pfsense worked.
-