Multiple SSL HAProxy

Multiple SSL HaProxy ini diperlukan Jika dalam 1 Server Haproxy terdapat 2 SSL yang berbeda, Misalnya domain www.example.com dan www.contoh.com. Berikut Konfigurasi haproxy.conf jika multiple SSL.

frontend secure-http-in
bind *:80
bind *:443 ssl crt /usr/local/etc/ssl/riaunew.pem crt /usr/local/etc/ssl/dumai.pem
redirect scheme https if !{ ssl_fc } # <- Jika semua domain redirect ke https

mode http
option httplog
log global

acl host_example hdr(host) -i www.example.com
acl host_contoh hdr(host) -i www.contoh.com

    use_backend example-WWW if host_example
    use_backend contoh-WWW if host_contoh
   
backend example-WWW
         log  127.0.0.1 local6
         option httplog
         http-request set-header X-Forwarded-Port %[dst_port]
         mode http
         balance roundrobin
#        cookie JSESSIONID prefix nocache
         cookie SERVERID insert indirect nocache
         server EXAMPLE-WWW-1 192.168.79.37:443 maxconn 1024 cookie SRV1 check
#         server EOFFICE-WWW-2 192.168.79.38:443 maxconn 1024 cookie SRV2 check backup


backend contoh-WWW
         log  127.0.0.1 local6
         option httplog
         http-request set-header X-Forwarded-Port %[dst_port]
         mode http
         balance roundrobin
#        cookie JSESSIONID prefix nocache
         cookie SERVERID insert indirect nocache
         server contoh-WWW-1 192.168.79.40:443 maxconn 1024 cookie SRV1 check
#         server contoh-WWW-2 192.168.79.41:443 maxconn 1024 cookie SRV2 check backup

Restart Haproxy..
NB : Konfigurasi diatas Jika semua domain harus redirect ke https, jika salah satu tidak redirect maka konfigurasi Haproxy.cfg sebagai berikut :

frontend secure-http-in
         bind *:443 ssl crt /usr/local/etc/ssl/example.pem crt    /usr/local/etc/ssl/contoh.pem

         mode http
         option httplog
         log global
         acl host_example hdr(host) -i www.example.com
         acl host_contoh hdr(host) -i www.contoh.com
         use_backend example-WWW if host_example
         use_backend contoh-WWW if host_contoh

use_backend example-WWW if host_example
    use_backend contoh-WWW if host_contoh

frontend http-in
 
         frontend http-in
         bind *:80
         redirect scheme https if { hdr(Host) -i example.com } !{ ssl_fc } #Jika hanya domain exampel.com saja yang akan di redirect ke https
      
         acl host_example hdr(host) -i www.example.com
         acl host_contoh hdr(host) -i www.contoh.com
         use_backend example-WWW if host_example
         use_backend contoh-WWW if host_contoh

***** Untuk Backend sama contoh diatas


Posted on: August 21, 2019, by :