Question

Does Haproxy supports backend on https for reverse proxy

Hi ,

I have configured Haproxy servere on linux at 80 port and trying to do reverse proxy with backend on https protocol (443). Is it possible in haparoxy ?

Client -->httptraffic -->Haproxy server–>https traffic–>backend server

Is there any other solution for this scenario?

If I use proxy pass through functionality provided on tcp mode. It did work but client can see the backend server(this is not real reverse proxy)

Thanks !!


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Does somebody resolved the problem? I have the same problem.

HAProxy 1.4 does not support ssl backends. Unfortunately, this is the default version in Ubuntu 14.04 and a number of other widely used distros releases. There is a PPA that provides more recent versions for Ubuntu. If you have it installed already, you can upgrade it to 1.5 by running:

sudo add-apt-repository ppa:vbernat/haproxy-1.5
sudo apt-get update
sudo apt-get upgrade

Then, in your HAProxy config (/etc/haproxy/haproxy.cfg), you’d have something like this:

frontend www-http
        bind haproxy.public.ip.addr:80
        reqadd X-Forwarded-Proto:\ http
        default_backend www-backend

backend www-backend
        balance roundrobin
        server web-01 web01.priv.ip.addr:443 check ssl verify none
        server web-02 web01.priv.ip.addr:443 check ssl verify none