OPNsense Forum
Archive => 18.7 Legacy Series => Topic started by: csmall on August 14, 2018, 12:57:54 pm
-
I have one service running behind haproxy with ssl offloading enabled and it works fine.
I added another service to a new backend pool of servers and going to the site over ssl fails with ssl protocol error.
If I go to the site directly to the backend ip it works fine. I only get the protocol error when I go to haproxy address.
What could be the issue? It is nginx with and ssl site on 443.
-
Actually, when going to the site today I get a 503 error.
503 Service Unavailable
No server is available to handle this request.
The cert in the browser looks fine and valid but chrome warns anyway. Clicking proceed gives me the 503 error.
-
Check the HAProxy logs:
Services -> HAProxy -> Log File
-
I do t see anything relevant to this server other than the proxy is started. For the working server I see connection information.
I cloned everything from the working server and modified the options to point to the new server but it just doesn’t work.
Maybe it is an nginx issue? But the site works on the lan when going directly to the server. It only had this trouble when going to the haproxy address.
This is doing ssl offloading, I would like to try just pass-through but I don’t know what options to select to do pass-through. Everything I have tried doesn’t work.
-
Can anyone explain to me how to do pass-through ssl with the haproxy plugin?
-
Looks like I figured out how to run multiple sites with SSL and SSL-Offloading. Multiple sites are now loading as expected behind a single public IP.