通过https将Cloudfront用作HAProxy后端服务器 [英] Using Cloudfront as a HAProxy backend server with https

查看:98
本文介绍了通过https将Cloudfront用作HAProxy后端服务器的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在S3存储桶的前面有一个CloudFront资源.可通过以下网址访问它:

I have a CloudFront resource sitting in front of my S3 bucket. It's accessible at —

https://<id>.cloudfront.net

但是如果我点击了-

<id>.cloudfront.net:443

我收到一个400错误的请求.我想在我的HAProxy配置中指向CloudFront,但是由于上述问题,我无法使用 443 端口.我也不能在服务器语句中使用 https URL协议.

I get a 400 Bad Request. I want to point to CloudFront in my HAProxy configuration, but I can't use the 443 port because of the above-mentioned issue. Nor can I use the https URL protocol in the server statement.

backend my_cloudfront_app
    http-response set-header Strict-Transport-Security max-age=31536000
    server my_server <id>.cloudfront.net:443

如何在HAProxy中从此服务器块访问HTTPS cloudfront?

How can I hit HTTPS cloudfront from this server block in HAProxy?

推荐答案

我假设您需要向Cloudfront后端的请求标头中添加一些信息.

I assume You will need to add some infos to the request headers for the cloudfront backend.

此示例适用于HAProxy 2.0

This example works with HAProxy 2.0

backend my_cloudfront_app
    http-response set-header Strict-Transport-Security max-age=31536000

    # Add backend header for cloudfront backend request
    http-request set-header Host <id>.cloudfront.net

    # maybe you will need to add a S3 prefix to the request path
    # http-request set-path <CLOUDFRONT_S3_Prefix>%[path] 

    server my_server <id>.cloudfront.net:443 sni str(<id>.cloudfront.net) ssl verify none

这篇关于通过https将Cloudfront用作HAProxy后端服务器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆