Addressing Protocol Mismatch Between SSL Termination and HTTPS-Required Backends

[saltiyazan]

Enhancement Proposal

The current HAProxy charm configuration performs TLS termination at the frontend but communicates with backend services using plain HTTP. This creates compatibility issues with services that require HTTPS connections (like Vault), resulting in the error: "Client sent an HTTP request to an HTTPS server."

I had to add check ssl verify none in the backend configuration part in haproxy.cfg for it to work.

Could you please modify the template to account for such cases?

[alithethird]

Thanks a lot for creating the issue @saltiyazan !

@Thanhphan1147 can you create a ticket and have a look at this issue?

[saltiyazan]

I created #74 to address this.

[saltiyazan]

Hi @Thanhphan1147 , @alithethird !

Do you have any updates on this?

[Thanhphan1147]

Closing this as fixed since #172 is merged