Description of problem: The current TLS "edge" termination doesn't support a non HTTP service as backend. How reproducible: Steps to Reproduce: 1. Having a route with configured "edge" TLS termination (and related certificates) 2. Having a "pure" TCP (non HTTP) service as destination of the above route 3. Try to communicate using the above route with the destination service Actual results: The TLS handshake works well but then the HAProxy replies with an HTML page (with bad request information) Expected results: The encrypted traffic is decrypted through the router and sent to the destination service unencrypted.
If this is possible with HAProxy it seems reasonable to have edge terminate to TCP. We might need to have a special case.
It seems reasonable to me too. I added a card to track it, but I'm still investigating whether haproxy can do it. I would like to add a new termination type for it if that is what you mean by "special case" rather than overloading "edge".
Closing this in preference to the Trello card. https://trello.com/c/xMNzgFTy