I’ve recently hit a snag configuring haproxy for one of my side projects, specifically I couldn’t find documentation for all the possible values of req.ssl_hello_type sample fetch.
Thankfully i’ve had help from haproxy irc channel so sharing my findings here for those in similar situation.
Possible values of haproxy req.ssl_hello_type sample fetch:
- 0 means there was no client hello
- 1 is a client hello
- 2 is a server hello
This fetch is usually used to check if this is ssl/tls traffic or not.
People commonly use { req.ssl_hello_type 1 } check to direct SSL/TLS traffic to specific backed.
If you are interested in example – here’s one where we could use single port to listen to both HTTP and HTTPS and then based on above check redirect HTTP consumers to HTTPS: