Rules & Checks

Navigate to Services -> HAProxy -> Settings

• Click 🔽 next to Rules & Checks

Health Monitors

• Click Health Monitors

SSL Check

• Click ➕
• Name: SSL Check
• Check type: SSL
• SSL preferences: Use server settings
• Check interval: 2s

• Click Save
• Click Apply

Conditions

Navigate to Services -> HAProxy -> Settings

• Click 🔽 next to Rules & Checks
• Click Conditions

Condition Contains SSL Hello Message

• Click ➕
• Name: Contains SSL Hello Message
• Condition Type: SSL Hello Type
• SSL Hello Type: 1-client-hello

• Click Save
• Click Apply

Condition SNI 1

• Click ➕
• Name: sni-example1_com
• Description: SNI Match all example1.com domain
• Condition type: SNI TLS extension contains (TCP request content inspection)
• SNI Contains: example1.com

• Click Save
• Click Apply

Condition SNI 2

• Click ➕
• Name: sni-example1_com
• Description: SNI Match all example1.com domain
• Condition type: SNI TLS extension contains (TCP request content inspection)
• SNI Contains: example2.com

• Click Save
• Click Apply

Rules

Navigate to Services -> HAProxy -> Settings

• Click 🔽 next to Rules & Checks
• Click Rules

Rule TCP Inspect Delay

• Click ➕
• Name: TCP Inspect Delay
• Execute function: tcp-request inspect-delay
• TCP inspection delay: 5s

• Click Save
• Click Apply

Rule Accept Content if Contains SSL Hello

• Click ➕
• Name: Accept Content if Contains SSL Hello
• Select conditions: Contains SSL Hello Message
• Execute function: tcp-request content accept

• Click Save
• Click Apply

Rule Backend 1

• Click ➕
• Name: rule-example1_com
• Select conditions: sni-example1_com
• Execute function: Use specified Backend Pool
• Use backend pool: example1_pool

• Click Save
• Click Apply

Rule Backend 2

• Click ➕
• Name: rule-example1_com
• Select conditions: sni-example2_com
• Execute function: Use specified Backend Pool
• Use backend pool: example2_pool

• Click Save
• Click Apply