frontend HTTP
mode http
timeout client 10s
timeout http-request 10s
bind 10.0.0.1:80
# Redirect all HTTP to HTTPS
redirect scheme https code 301 if !{ ssl_fc }
frontend HTTPS
bind 10.0.0.1:443 ssl crt /etc/ssl/private/mail.company.com.pem
mode http
# options
option http-keep-alive
no option httpclose
no option http-server-close
timeout client 600s
maxconn 1000
# acl
acl is_owa_redir path / /owa
acl is_mail hdr(host) -i mail.company.com
# redirect root to owa
http-request redirect location /owa/ if is_mail is_owa_redir
# backends
use_backend EXCHANGE if { ssl_fc_sni mail.company.com }
default_backend EXCHANGE
backend EXCHANGE
# balance source
# options
option http-keep-alive
option prefer-last-server
option forwardfor
option httplog
no option httpclose
no option http-server-close
no option forceclose
no option http-tunnel
# server cas01 cas01.intranet.company.com:443 ssl verify none check
# server cas02 cas02.intranet.company.com:443 ssl verify none check
server mail.company.com mail.company.com:443 ssl verify none check
# localectl status