Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HAProxy - route by domain name

    pfSense Packages
    haproxy acl
    1
    2
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nasheayahu
      last edited by nasheayahu

      I'm able to route by host.doman.com, but having no success on how to route the domain.com. I can test successfully using:
      openssl on kohanyim.com

      $ openssl s_client -servername kohanyim.com -host 67.0.6.16 -port 443 | grep subject
depth=3 C = PA, ST = Panama, L = Panama City, O = TrustCor Systems S. de R.L., OU = TrustCor Certificate Authority, CN = TrustCor RootCert CA-1
verify return:1
depth=2 C = PA, O = TrustCor Systems S. de R.L., CN = TrustCor DV SSL CA - G2
verify return:1
depth=1 C = PA, O = TrustCor Systems S. de R.L., CN = TrustCor DV SSL CA - G2 - RSA
verify return:1
depth=0 CN = kohanyim.com
verify return:1

      openssl on www.kohanyim.com

      $ openssl s_client -servername www.kohanyim.com -host 67.0.6.16 -port 443 | grep subject
depth=3 C = PA, ST = Panama, L = Panama City, O = TrustCor Systems S. de R.L., OU = TrustCor Certificate Authority, CN = TrustCor RootCert CA-1
verify return:1
depth=2 C = PA, O = TrustCor Systems S. de R.L., CN = TrustCor DV SSL CA - G2
verify return:1
depth=1 C = PA, O = TrustCor Systems S. de R.L., CN = TrustCor DV SSL CA - G2 - RSA
verify return:1
depth=0 CN = *.kohanyim.com
verify return:1
subject=CN = *.kohanyim.com

      using curl on http://kohanyim.com/

      $ curl -Ii http://kohanyim.com/
HTTP/1.1 302 Found
Cache-Control: no-cache
Content-length: 0
Location: https://kohanyim.com/

      using curl on http://www.kohanyim.com/

      curl -Ii http://www.kohanyim.com/
HTTP/1.1 302 Found
Cache-Control: no-cache
Content-length: 0
Location: https://www.kohanyim.com/

      BUT when I use ssl on either doman.com I get this result

      $ curl -Ii https://www.kohanyim.com/
HTTP/1.0 503 Service Unavailable
Cache-Control: no-cache
Connection: close
Content-Type: text/html

      as I do with using the browser. I have my primary frontend doing,

      HTTPS-REDIRECT 	Enforce HTTPS 	192.168.0.41:80	http

      and the secondary frontend containing my acl's for my domain's doing this,

      wwwkohanyimcom Host matches: no no www.kohanyin.com
kohanyimcom Host contains: no no kohanyin.com

      Why is there not a expression for the domain name or I do you route just the domain name? And I don't get any its on my (access, error)-domain(-ssl).log indicating if its even reaching the server.

      N 1 Reply Last reply Reply Quote 0
      • N
        nasheayahu @nasheayahu
        last edited by

        @nasheayahu said in HAProxy - route by domain name:

        wwwkohanyimcom Host matches: no no www.kohanyin.com
        kohanyimcom Host contains: no no kohanyin.com

        I found the problem, my domain was spelled incorrectly... 😧

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.