I have the following scenario: HTTPS (customer) > HTTPS (front) > HTTPS (backend). Nothing is needed on the haproxy but the forwarding. On port 80, works everything fine, and should work on 443 too due to its on passthrough mode.
#########ERROR##########
(as root)
curl -v https://172.22.1.152
- About to connect() to 172.22.1.152 port 443 (#0)
- Trying 172.22.1.152...
- Connected to 172.22.1.152 (172.22.1.152) port 443 (#0)
- Initializing NSS with certpath: sql:/etc/pki/nssdb
- CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
- NSS error -12263 (SSL_ERROR_RX_RECORD_TOO_LONG)
- SSL received a record that exceeded the maximum permissible length.
- Closing connection 0
curl: (35) SSL received a record that exceeded the maximum permissible length.
THE CONFIG FILE HAPROXY.CONF
frontend https-incoming
bind *:443
option tcplog
mode tcp
#backend nodes
mode tcp
balance roundrobin
server web01 172.22.1.33:443 check ssl verify none
server web02 172.22.1.34:443 check ssl verify none
server web03 172.22.1.35:443 check ssl verify none
I can see on the logs all my attempts when using curl, but not on the browser. (80 I can see on browser, 443 no).
I need some help here ...
I have the following scenario: HTTPS (customer) > HTTPS (front) > HTTPS (backend). Nothing is needed on the haproxy but the forwarding. On port 80, works everything fine, and should work on 443 too due to its on passthrough mode.
#########ERROR##########
(as root)
curl -v https://172.22.1.152
CApath: none
curl: (35) SSL received a record that exceeded the maximum permissible length.
THE CONFIG FILE HAPROXY.CONF
frontend https-incoming
bind *:443
option tcplog
mode tcp
#backend nodes
mode tcp
balance roundrobin
I can see on the logs all my attempts when using curl, but not on the browser. (80 I can see on browser, 443 no).
I need some help here ...