Use of SNI in TLS passthrough is not supported.

Question

Use of SNI in TLS passthrough is not supported.

Opened this issue 7 years ago · 0 comments

We are currently working off a fork that enables the use of SNI on TLS passthrough but wanted to gauge desire to support this in the upstream. In short, the hardcoded use of ssl_fc_sni in config.py means that the SNI will only be available when the proxy is terminating the SSL connection. We have some use cases where we must use passthrough and there for have forked an hardcoded the use of req_ssl_sni.

We recognize that req_ssl_sni is deprecated, but don't see an option in the configuration documentation for HAProxy (though we are new to HAProxy so that may just be lack of knowledge).