HAProxy Concepts: Difference between revisions
Jump to navigation
Jump to search
Line 13: | Line 13: | ||
===SSL Pass-Through=== | ===SSL Pass-Through=== | ||
When HAProxy is configured with ''SSL pass-through'', the backend servers handle the SSL connection, rather than the load balancer. The load balancer will just simply proxy the request off to its backend server. The connection will remain encrypted, and the load balancer cannot see what it contains. The frontend will have to be configured in "tcp" [[HAProxy_Configuration#mode|mode]]. | When HAProxy is configured with ''SSL pass-through'', the backend servers handle the SSL connection, rather than the load balancer. The load balancer will just simply proxy the request off to its backend server. The connection will remain encrypted, and the load balancer cannot see what it contains. The frontend will have to be configured in "tcp" [[HAProxy_Configuration#mode|mode]]. For more details on configuration, see: {{Internal|HAProxy SSL Pass-Through Configuration|HAProxy SSL Pass-Through Configuration}} | ||
{{Internal|HAProxy SSL Pass-Through Configuration|HAProxy SSL Pass-Through Configuration}} |
Revision as of 01:51, 4 July 2017
Internal
SSL Support
HAProxy can be configured to terminate the SSL connection or to pass it through the backend server.
SSL Termination
SSL Pass-Through
When HAProxy is configured with SSL pass-through, the backend servers handle the SSL connection, rather than the load balancer. The load balancer will just simply proxy the request off to its backend server. The connection will remain encrypted, and the load balancer cannot see what it contains. The frontend will have to be configured in "tcp" mode. For more details on configuration, see: