HTTPS redirection and Haproxy little problem



  • Hello,
    i have a problem with haproxy https redirection.
    I have this configuration:
    2 frontend on haproxy:
    1 for http port 80 with 2 rules: the first is for letsencrypt certificate folder ( Path starts with: no /.well-known/acme-challenge/ redirect to certificate challenge forlder) the second redirect all the other request Path starts with: yes /.well-known/acme-challenge/ to a backend with a dummy server and a backend passthru rule redirect scheme https code 301
    1 for https with 2 acl rules for 2 backend server.

    The aim is to redirect all http://server1.domain.com and http://server2.domain.com to HTTPS.
    The problem is that: if i wrote http://server1.domain.com on chrome it works the first time, i get redirect to https and i get the login page of my webservice. Then i write my credential but the login page then load the HTTP url and not the HTTPS one throwing a 503 error page. I didn't have this problem when i used apache2 as reverse proxy for this 2 servers.
    Any hint?


  • Banned

    Try something like

    
    http-request set-header X-Forwarded-Port %[dst_port]
    http-request add-header X-Forwarded-Proto https if { ssl_fc }
    
    

    on the backend.

    Might also need

    
    acl secure dst_port eq 443
    rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure
    
    

    on the frontend.



  • Thank you for the hint.
    i've configured haproxy via webgui, is a problem to edit directly the conf files to add that lines?


  • Banned

    Do NOT edit the config files, use the GUI.