Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Multiple SSL certificates in HAProxy configuration
global
maxconn 2048
defaults
mode http
timeout connect 5000ms
timeout client 90000ms
timeout server 90000ms
frontend secure-http-in
bind *:443 ssl crt /opt/certs/www.acme.com.pem crt /opt/certs/www.admin-acme.com.pem
mode http
option http-server-close
option forwardfor
acl is_acme_front hdr(host) -i www.acme.com
acl is_acme_backoffice hdr(host) -i www.admin-acme.com
use_backend acme_front if is_acme_front
use_backend acme_backoffice if is_acme_backoffice
frontend http-in
bind *:80
redirect scheme https if { hdr(Host) -i www.acme.com } !{ ssl_fc }
redirect scheme https if { hdr(Host) -i www.admin-acme.com } !{ ssl_fc }
acl is_acme_front hdr(host) -i www.acme.com
acl is_acme_backoffice hdr(host) -i www.admin-acme.com
use_backend acme_front if is_acme_front
use_backend acme_backoffice if is_acme_backoffice
backend acme_front
balance roundrobin
option httpclose
option forwardfor
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server node1 172.17.0.1:12080 check
server node2 172.17.0.1:12090 check
backend acme_backoffice
balance roundrobin
option httpclose
option forwardfor
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server node1 172.17.0.1:13080 check
server node2 172.17.0.1:13090 check
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment