I am using Haproxy to separate http and https with different domain setting, but domain limitation with http not working well. My setting as following. Any idea?
frontend ha_8080
mode tcp
bind *:8080
tcp-request content accept if { req_ssl_hello_type 1 }
tcp-request inspect-delay 100ms
tcp-request content accept if HTTP
acl is_using_ssl req.ssl_hello_type gt 0
acl is_abc hdr_dom(host) -i abc.com
use_backend http_server if !is_using_ssl is_abc #it works and only works on abc.com,
use_backend local_server1 if is_using_ssl is_abc #https will not working
use_backend local_server1 if is_using_ssl #it works, but I need it work only on abc.com
hdr_dom(host) not work for https(ssl).
I should change to using req_ssl_sni.
My final setting as following.
frontend ha_8080
mode tcp
bind *:8080
tcp-request content accept if { req_ssl_hello_type 1 }
tcp-request inspect-delay 100ms
tcp-request content accept if HTTP
acl is_abc hdr_dom(host) -i abc.com
acl is_abc_ssl req_ssl_sni -i abc.com
use_backend http_server if is_abc
use_backend local_server1 if is_abc_ssl