How to decrypt and encrypt HTTPS traffic using haproxy?

Ok, so I know that we can either redirect HTTPS traffic using haproxy to the backend servers unchanged, or terminate SSL on the proxy and the remaining traffic course be unencrypted. But is there a way to make haproxy work such that traffic is decrypted on the server and encrypted before being sent to the server nodes?

Basically I get half the job with SSL termination, but I want the traffic to be encrypted again when it leaves the proxy.

Is this possible with haproxy? or is there any other tool I could use in conjunction with haproxy to create and manage HTTPS / SSL sessions with backend servers?

+3


source to share


1 answer


Have you tried
setting it up like this: Haproxy terminates SSL, instead of redirecting unencrypted traffic to your server to the HTTP port, try redirecting it to the HTTPS port on the server and wrap it in a self-signed certificate. i.e

.:
SSL traffic -> haproxy: 443 (domain certificate) -> backend: 443 (internal certificate)

I installed this before and it worked fine



0


source







All Articles