I am trying to get haproxy support to work as SSL terminator for port 8883. My expectation was the setup below would be in the right direction. I have tested it with mode tcp and mode http.
frontend mqtt
bind :::8883 ssl crt /etc/haproxy/ssl
tcp-request content reject unless { req.payload(0,0),mqtt_is_valid }
use_backend flashmq
mode tcp
maxconn 1000
backend flashmq
mode tcp
# Create a stick table for session persistence
stick-table type string len 32 size 100k expire 30m
# Use ClientID / client_identifier as persistence key
stick on req.payload(0,0),mqtt_field_value(connect,client_identifier)
server flashmq 127.0.0.1:2883
listen {
protocol mqtt
port 2883
haproxy on
}
FlashMQ Version 1.4.5 with SSE4.2 support
HAProxy version 2.4.18-0ubuntu1 2022/08/25 - https://haproxy.org/
A little bit more elaboration;
The client succesfully gets the SSL handshake done. The log of FlashMQ raises:
[2023-05-24 17:09:53] [NOTICE] Accepting connection from: address='127.0.0.1', transport='TCP/HAProxy/Non-SSL', fd=18
[2023-05-24 17:09:53] [NOTICE] Removing client '[ClientID='', username='', fd=18, keepalive=0s, transport='TCP/HAProxy/Non-SSL', address='127.0.0.1', prot=none, clean=0]'. Reason(s): HAProxy health check, epoll says socket is in ERR or HUP state.
I am trying to get haproxy support to work as SSL terminator for port 8883. My expectation was the setup below would be in the right direction. I have tested it with mode tcp and mode http.
FlashMQ Version 1.4.5 with SSE4.2 support HAProxy version 2.4.18-0ubuntu1 2022/08/25 - https://haproxy.org/
A little bit more elaboration;
The client succesfully gets the SSL handshake done. The log of FlashMQ raises: