HAProxy: HTTP frontend works, HTTPS frontend doesn't
-
My primary reason to use HAProxy is to more easily and securely connect to sites on my internal network and offload SSL. I originally created two frontends with one redirecting any HTTP traffic to HTTPS and the other to actually redirect ALL the websites. Nothing worked. I would generally get a 522 error. I had several sites that were NOT using HTTPS, so I disabled the HTTP redirect and created a new frontend to handle non-HTTPS sites. Lo and behold, this works! I have several different backends that are all functioning as I was expecting. Unfortunately, all of my HTTPS websites are now giving me 503 errors. I have verified that all of my certificates are valid, but it seems as though something with SSL offloading isn't functioning properly.
I have followed numerous tutorials, many of which show different methods of doing essentially the same thing, and I've tried them all. I've reduced my NAT and firewall rules to the bare minimum for services to otherwise function properly on my network.
If it makes any difference, when it comes to DNS control and certificates, they are managed by Cloudflare.
-
@ronrn18 I have a domain with Cloudflare that points to my WAN IP. And I use HAProxy to do SSL offloading of this service because it's just a Docker and HTTPS is not really supported.
I am not having any issues with this. I use an ACME cert.
I can bounce off the proxy both internally, and externally my users are able to access it. I even share the outside 443 port being used with OpenVPN and have no problems.