Encryption from the load balancer to the backends

17 views
Skip to first unread message

Anish Karmi

unread,
Aug 19, 2021, 10:13:20 AMAug 19
to gce-discussion
Hi Guys,
I want to create an HTTPS backend to encrypt traffic from the load balancer to the backend group.

I have created a load balancer in GCP for using HTTPS to forward it to the HTTPS backend group. I have configured the Instance to use HTTPS by creating a certificate on the instance and when I curl from the instance itself I get the following

root@instance:/var/log/apache2# curl https://localhost -k 

<WebPage content>

Similarly, when I curl from another VM I get the webpage content.

I checked the GCP documentation on Encryption from the load balancer to the backends and have configured the backend and health check as stated.

However, the health check shows UNHEALTHY, and the health check log shows

healthCheckProbeResult: { connectLatency: "0.000651s" detailedHealthState: "TIMEOUT" healthCheckProtocol: "HTTPS" healthState: "UNHEALTHY" ipAddress: "10.8.1.4" previousDetailedHealthState: "UNKNOWN" previousHealthState: "UNHEALTHY" probeCompletionTimestamp: "2021-08-11T07:46:06.973978919Z" probeRequest: "/user" probeResultText: "HTTP response: , Error: Protocol error" probeSourceIp: "35.191.1.154" responseLatency: "0.002054s" targetIp: "<internal IP>" targetPort: 443 }

When I only use HTTP, by changing apache and backend configurations, the site works fine.

The port 443 is also active and listening

apache2 5113 root 6u IPv6 90781495 0t0 TCP *:443 (LISTEN)

I cannot debug what the actual issue is here.

I want there to be encryption between the load balancer and the backend. So any other methods will be welcomed.


Reply all
Reply to author
Forward
0 new messages