Haproxy虚拟主机SSL
Haproxy为多个域名配置SSL
生成自签名证书
sudo mkdir /etc/ssl/atbug.com
sudo openssl genrsa -out /etc/ssl/atbug.com/atbug.com.key 1024
sudo openssl req -new -key /etc/ssl/atbug.com/atbug.com.key -out /etc/ssl/atbug.com/atbug.com.csr
sudo openssl x509 -req -days 365 -in /etc/ssl/atbug.com/atbug.com.csr -singkey /etc/ssl/atbug.com/atbug.com.key -out /etc/ssl/atbug.com/atbug.com.crt
sudo openssl x509 -req -days 365 -in /etc/ssl/atbug.com/atbug.com.csr -signkey /etc/ssl/atbug.com/atbug.com.key -out /etc/ssl/atbug.com/atbug.com.crt
sudo cat /etc/ssl/atbug.com/atbug.com.crt /etc/ssl/atbug.com/atbug.com.key | sudo tee /etc/ssl/atbug.com/atbug.com.pem
Haproxy配置
frontend https
bind *:443 ssl crt /etc/ssl/atbug.com/atbug.com.pem
option tcplog
mode http
#option forwardfor
###atbug-https
acl atbug-https hdr_beg(host) -i test.atbug.com
use_backend rome-atbug-https-backend if atbug-https
backend rome-atbug-https-backend
balance roundrobin
mode http
option ssl-hello-chk
server node-1 ip:port cookie dw2-vm-test-apps003 check inter 2000 rise 3 fall 3 weight 50
