HAProxy w/SSL termination and unprotected content
sandeep.kose at gmail.com
sandeep.kose at gmail.com
Sat Feb 13 08:13:48 UTC 2016
Missed HAPorxy file in previous mail so attaching in this email.
Thanks & Regards,
---
Sandeep Kose
On Sat, Feb 13, 2016 at 1:41 PM, sandeep.kose at gmail.com <
sandeep.kose at gmail.com> wrote:
> Hello,
>
> I did setup of HAProxy 1.5 on Ubuntu 14.04.3 LTS for HTTP and HTTPs and it
> is working fine for both. I used *SSL Pass-Through *instead of SSL
> termination. in the *SSL Pass-Through* SSL connections directly sends to
> the proxied/backend servers, the SSL connection is terminated at each
> proxied server. Here SSL certificates configured on backend apache instead
> of HAProxy.
>
> Here is my scenario
>
> -- Two backend server running with Apache http and https directory to
> serve OFBiz code
> -- HAProxy placed before two backend server to managing load for http and
> https traffic with sticky session and failover.
>
> I am sharing my HAProxy configuration file, see if it work for you. if you
> don't want use http traffic the remove http block from file.
>
> Thanks & Regards,
> ---
> Sandeep Kose
>
>
> On Thu, Feb 11, 2016 at 10:02 PM, Mark Haney <mark.haney at vifprogram.com>
> wrote:
>
>> I'm working on setting up a HAProxy load balancer with SSL termination
>> for adding a second web server to our website. The site is a Joomla based
>> site and is currently HTTPS-only, which is fine. I'd prefer having the SSL
>> terminated on HAProxy, but something weird is happening and I'm at a loss.
>>
>> We've got a verified wildcard SSL certificate for our site which is now
>> setup on the HAProxy server. The pair of backend servers are both directly
>> accessible via HTTP without trouble. The problem occurs when I connect to
>> the servers via HTTPS through the load balancer. Firefox and Chrome both
>> don't completely render the page at all and I get a warning (in Firefox)
>> about parts of the page being blocked for being unencrypted.
>>
>> Clicking the lock in the address bar in FF I get a message that the
>> connection was 'partially encrypted'. Looking through the list of files
>> not encrypted it lists most of the image files, css and jscript files on
>> the page.
>>
>> I don't get it. Every tutorial I've googled has the same basic setup as
>> I have, but there's no mention of this being a problem. I don't even have
>> port 80 open on the HAProxy server, so the fact that the files weren't
>> encrypted makes no sense.
>>
>> Any ideas? Something I've missed? I've included my haproxy.cfg file if
>> it'll help. This copy doesn't have the HTTP port config commented out, but
>> that's the only difference.
>>
>>
>> --
>>
>> Mark Haney ::: Senior Systems Engineer
>> *VIF* International Education
>> P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA
>> 919-265-5006 office
>>
>> Global learning for all.
>> www.vifprogram.com
>> <http://www.vifprogram.com/?utm_source=signature&utm_medium=email&utm_campaign=VIF>
>> Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> |
>> Twitter <https://twitter.com/vifglobaled> | LinkedIn
>> <http://www.linkedin.com/company/vif-international-education>
>>
>> Recognized as a ‘Best for the World’
>> <http://bestfortheworld.bcorporation.net/> B Corp!
>>
>> --
>> ubuntu-users mailing list
>> ubuntu-users at lists.ubuntu.com
>> Modify settings or unsubscribe at:
>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20160213/952d1665/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: haproxy.cfg
Type: application/octet-stream
Size: 2464 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20160213/952d1665/attachment.obj>
More information about the ubuntu-users
mailing list