I have following configuration in /etc/haproxy/haproxy.cfg
> frontend LB
> bind *:80
> reqadd X-Forwarded-Proto:\ http
> default_backend LB
>
> frontend LBS
> bind *:443 ssl crt /etc/ssl/xy.pem
> reqadd X-Forwarded-Proto:\ https
> default_backend LB
>
> backend LB *:80
> redirect scheme https if !{ ssl_fc }
> mode http
> stats enable
> stats hide-version
> stats uri /stats
> stats realm Haproxy\ Statistics
> stats auth xxxx:yyyyyy
> balance roundrobin
> option httpchk
> option httpclose
> option forwardfor
> cookie LB insert
> server web1-srv xx.xx.xxx.xxx:80 cookie web1-srv check
> server web2-srv xx.xx.xxx.xxx:80 cookie web2-srv check
From log i have impression that https requests are not working
[07/Aug/2018:12:35:01.402] LB LB/ 10/-1/-1/-1/10 302 121 – – LRNN 0/0/0/0/3 0/0 "GET / HTTP/1.1"
Best Answer
Your frontend LBS "offloads" the https, and passes a http request to backend LB. Which then redirects to https. As you can see in your log: 302.
BTW, I think you should remove the "*:80" from your backend. The frontend LB is bound to port 80.