Hi,
This kind of config works perfectly on my box. I am not sure SNI has something to do here as relayd terminates the https connection, gets all the headers and reopens a new one.
I just think you forgot the "with tls" in your forward directive below:
relay "proxyssl" {
listen on $gateway port https
protocol "httpproxy"
forward with tls to <new-webserver> port https
}
Do not forget to set a "ca file" in your protocol section if you want relayd to check the certificate of your target's server (see relayd.conf man).
Ronan
No comments:
Post a Comment