Question about haproxy

Started by 0xDEADC0DE, October 22, 2018, 12:16:21 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 22, 2018, 12:16:21 PM
Currently we have different services running behind our OPNsense box like
otrs, mattermost, svn, website aso.
Only one website is currently running on port 443, all other sites use different
ports. Now I want to change all website to use the standard port 443.
I cannot do let's encrypt on opnsense with haproxy as some sites use client
certificates and they have different requirements for TLS.
Is there a possibility to only inspect the SNI and forward the "raw" TCP to the correct server?
I know that I cannot use ESNI with TLS 1.3 then but I don't care about that.
Print
Go Up Pages1
User actions