Vault beehind haproxy

Hello All,
I am new in vault and I installed it with certificates and it works.
I cannot reach it using an haproxy with tcp passthru.
Anyone can help me, please?
Ignazio

Hello, I am continuing to have isdues configuring vault behind haproxy.
If I connect to each vault server ui on port 8200 it works fine with the certificate.
If I try to connect using tcp pass thru in haproxy it gives ssl handshake errors.
I also tried to install apache on servers where vault is installed with same certificates and it works using haproxy pass thru.
So I think some specific configuration is required for vault.
Thanks
Ignazio

Hi, this is my working config:

global

defaults
     mode tcp
     timeout connect 5000
     timeout client 10000
     timeout server 10000

frontend vault
     mode tcp
     log global
     bind *:443 ssl crt /etc/haproxy/ssl.cer
     option tcplog
     default_backend vault

backend vault
     mode tcp
     option httpchk GET /v1/sys/health HTTP/1.1
     http-check expect status 200
     http-send-name-header Host
     server node1 vault-1.my.domain:8200 ssl check check-ssl verify none
     server node2 vault-2.my.domain:8200 ssl check check-ssl verify none
     server node3 vault-3.my.domain:8200 ssl check check-ssl verify none

With a new cert for https://vault.my.domain (/etc/haproxy/ssl.cer). It is not perfect, but it works and forwards on the active node