Is it possible to terminate ssl between servers behind haproxy, using the existing haproxy's ssl termination

sa flag

photo of my architecture

I have an haproxy server doing SSL termination for traffic from the internet and a domain name GitLab.private pointing to it(orange path in the picture).

The problem I'm facing is when I want to access https://gitlab.private from another backend server I'm getting an error because GitLab.private is expecting HTTP from within the backend(green path in the picture).

I thought perhaps there is a way I can use the haproxy for SSL termination from inside the backend such as the purple path.
or do I have to set up a private certificate to make GitLab listen on HTTPS?

shmuel wachtfogel avatar
sa flag
*the left dns server is suppose to be outer-dns

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.