Menu
Hi I am using haproxy to load balance my https connections. I want to do active health checks however they don't seem to work. Any tips on how to correctly write the below would be welcome. I have them working fine for http port 80 connections.
frontend incoming_https
bind *:443
mode tcp
default_backend web_https
backend web_https
mode tcp
option httpchk GET / HTTP/1.1\r\nHost:\ https://www.mysite.com
server web-0 xxx.xxx.xxx.xxx:443 check inter 5000 port 443
941
Yes, you can use option httpchk in tcp mode. Here's the necessary options to search for a string on a page behind ssl:
mode tcp
option httpchk GET /<URI>
http-check expect string <STRING\ WITH\ SPACES\ ESCAPED>
server <YOUR_SERVER_FQDN>:443 <YOUR_SERVER_IP>:443 check ssl verify none
for example, to check a login.html page for "User Name" string:
mode tcp
option httpchk GET /login.html
http-check expect string User\ Name
server www.example.com:443 192.168.1.1:443 check ssl verify none
Note that "check ssl verify none" is required and that any spaces in your search string must be escaped with a \.
163
You can't use option httpchk in tcp mode.
You'll probably want to read up on option ssl-hello-chk.
36
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
