Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- bind :443 ssl crt /etc/ssl/haproxy.pem
- acl is_static hdr_end(Host) -i example.com
- acl is_api hdr_end(Host) -i api.example.com
- acl is_files hdr_end(Host) -i example.io
- redirect scheme https if !{ ssl_fc } is_static is_api
- cat cert1.pem key1.pem > haproxy1.pem
- cat cert2.pem key2.pem > haproxy2.pem
- defaults
- log 127.0.0.1 local0
- option tcplog
- frontend ft_test
- mode http
- bind 0.0.0.0:443 ssl crt /certs/haproxy1.pem crt /certs/haproxy2.pem
- use_backend bk_cert1 if { ssl_fc_sni my.example.com } # content switching based on SNI
- use_backend bk_cert2 if { ssl_fc_sni my.example.org } # content switching based on SNI
- backend bk_cert1
- mode http
- server srv1 <ip-address2>:80
- backend bk_cert2
- mode http
- server srv2 <ip-address3>:80
- /etc/ssl/private/mydomain.pem
- /etc/ssl/private/myotherdomain.pem
- frontend https-in:
- bind *:443 ssl crt-list /etc/ssl/private/crt-list.txt
Add Comment
Please, Sign In to add comment