HA Proxy using HTTP with backend - Not configured for this

michmoor · Nov 17, 2023, 4:18 PM

Greetings
Running into an very interesting issue with HA Proxy at the moment.
I have a NAS on my backend that is listening on port 9901 with SSL.
If i bypass HA Proxy and hit directly the https:x.x.x.x:9901 url i can access it.
If i come in over my WAN i get greeted with the following message

I checked my backend configuration to ensure it is communicating on using SSL and it is.

I then did a packet capture on my VLAN facing the server and i see the firewall trying to use HTTP completely ignoring the configuration. I have never seen this happen with HA Proxy

michmoor · Nov 17, 2023, 4:36 PM

FIXED.

All i did was remove backend and frontend configuration and re-added it.
Working fine.
pcaps now show TLS communication with backend.

Definitely a bug. Trying to reproduce so i can open a redmine but so far i cant.