URL redirection and TCP proxy in haproxy

Albert asked:

In a server with only one ipv4 and running haproxy, i want to redirect an url and proxy another in TCP level, for ssl passthrough purpose.

frontend https-frontend
  bind *:443
  mode tcp
  option tcplog
  tcp-request inspect-delay 5s
  tcp-request content accept if { req_ssl_hello_type 1 }
  use_backend proxy-backend if { req.ssl_sni -i proxied-url.com }
  redirect prefix https://url-rewrited.com code 301 if  { req.ssl_sni -i domain-for-redirect.com }

But redirect prefix requires http mode, and proxy passthrough requires tcp mode.

[WARNING] 347/153600 (1324) : config : 'redirect' rules ignored for frontend 'https-frontend' as they require HTTP mode.

If I use two frontends binding in 443, errors occur when loading pages.

How can I proceed?

My answer:


You can’t combine layer 4 proxying with HTTP redirection. You will need to do the redirects in your backend web server(s).


View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.