HAProxy and using SNI on backends
-
Hello,
Anybody knows if the pfSense with Haproxy can do Health checks to WAP-servers, needs to be SNI compatible.
?
-
Haproxy 1.8rc3 should be able to use "check-sni". http://cbonte.github.io/haproxy-dconv/1.8/snapshot/configuration.html#5.2-check-sni but aint released yet. Maybe i can change the haproxy-devel to use it..
-
Haproxy 1.8rc3 should be able to use "check-sni". http://cbonte.github.io/haproxy-dconv/1.8/snapshot/configuration.html#5.2-check-sni but aint released yet. Maybe i can change the haproxy-devel to use it..
Would be great, or even Amazing. Then it would be possible to Health check Microsoft WAP-servers without destroying it´s bindning ti 0.0.0.0:443
-
Haproxy 1.8rc3 should be able to use "check-sni". http://cbonte.github.io/haproxy-dconv/1.8/snapshot/configuration.html#5.2-check-sni but aint released yet. Maybe i can change the haproxy-devel to use it..
Hello,When are you guys planing to make this available? :)
-
haproxy 1.8.0release is available in the haproxy-devel package.. but there is a issue in that version with mail-alerts.. and a few other quirks that are still being fixed in haproxy itself..
-
Hello,
Do you have some info if now we can force the SNI between haproxy and backend servers ?
I have one backend server which cannot communicate without SNI.Thanks
-
put this into the server advanced field on the backend.?:
sni vhost1.yourdomain.local check-sni vhost1.yourdomain.localorsni ssl_fc_sni check-sni vhost1.yourdomain.localor```
sni hdr(Host) check-sni vhost1.yourdomain.local -
Hello,
Thank you for your reply,
The line with ssl_fc_sni working fine (haproxy devel).Regard’s,
-
Hello, when wil this SNI functionality be implemented in production release package for HaProxy?
I would lika to have SNI support, and support for SNI Health check to backend.
Would be awesome to have!
-
Well check-sni depends on 1.8 so probably when upstream BSD ports decides to switch the 'haproxy' port to 1.8 and then a little while after that..
1.7 supports 'sni' on backend server line
1.8 supports 'sni' and 'check-sni' on backend server line'sni' on frontend bind line is supported by both..
-
THX :)