Multiple SSL HAProxy
Multiple SSL HaProxy ini diperlukan Jika dalam 1 Server Haproxy terdapat 2 SSL yang berbeda, Misalnya domain www.example.com dan www.contoh.com. Berikut Konfigurasi haproxy.conf jika multiple SSL.
frontend secure-http-in
bind *:80
bind *:443 ssl crt /usr/local/etc/ssl/riaunew.pem crt /usr/local/etc/ssl/dumai.pem
redirect scheme https if !{ ssl_fc } # <- Jika semua domain redirect ke https
mode http
option httplog
log global
acl host_example hdr(host) -i www.example.com
acl host_contoh hdr(host) -i www.contoh.com
use_backend example-WWW if host_example
use_backend contoh-WWW if host_contoh
backend example-WWW
log 127.0.0.1 local6
option httplog
http-request set-header X-Forwarded-Port %[dst_port]
mode http
balance roundrobin
# cookie JSESSIONID prefix nocache
cookie SERVERID insert indirect nocache
server EXAMPLE-WWW-1 192.168.79.37:443 maxconn 1024 cookie SRV1 check
# server EOFFICE-WWW-2 192.168.79.38:443 maxconn 1024 cookie SRV2 check backup
backend contoh-WWW
log 127.0.0.1 local6
option httplog
http-request set-header X-Forwarded-Port %[dst_port]
mode http
balance roundrobin
# cookie JSESSIONID prefix nocache
cookie SERVERID insert indirect nocache
server contoh-WWW-1 192.168.79.40:443 maxconn 1024 cookie SRV1 check
# server contoh-WWW-2 192.168.79.41:443 maxconn 1024 cookie SRV2 check backup
Restart Haproxy..
NB : Konfigurasi diatas Jika semua domain harus redirect ke https, jika salah satu tidak redirect maka konfigurasi Haproxy.cfg sebagai berikut :
frontend secure-http-in
bind *:443 ssl crt /usr/local/etc/ssl/example.pem crt /usr/local/etc/ssl/contoh.pem
mode http
option httplog
log global
acl host_example hdr(host) -i www.example.com
acl host_contoh hdr(host) -i www.contoh.com
use_backend example-WWW if host_example
use_backend contoh-WWW if host_contoh
use_backend example-WWW if host_example
use_backend contoh-WWW if host_contoh
frontend http-in
frontend http-in
bind *:80
redirect scheme https if { hdr(Host) -i example.com } !{ ssl_fc } #Jika hanya domain exampel.com saja yang akan di redirect ke https
acl host_example hdr(host) -i www.example.com
acl host_contoh hdr(host) -i www.contoh.com
use_backend example-WWW if host_example
use_backend contoh-WWW if host_contoh
***** Untuk Backend sama contoh diatas
Posted on: August 21, 2019,
by : Julian's | 33 views