On 1/30/2023 12:08 AM, Jeremy Hansen wrote:
It’s working as of now but are you saying the connection from HAProxy to
the real server won’t be encrypted? I assumed at this point it’s all
passthrough. The browser isn’t complaining at the moment.
Redirecting this back to the mailing list.
When I looked at the config the first time, I missed that it is "mode
tcp". In which case haproxy is not involved in the TLS at all, and my
previous statement is invalid. My apologies.
My haproxy configs are "mode http" and haproxy is handling the TLS that
browsers see. The only backend I have that uses TLS is the one for
plex, because I couldn't find a reasonable way around that. All the
other backends are unencrypted.
I am pretty sure that many of the things I have haproxy doing would not
be possible in tcp mode. If you do not need those, then tcp mode should
work very well.
Thanks,
Shawn
