Jan 092017
One problem for using HTTPS was in the past that sharing DNS names with one web server was not supported. HTTP can handle this for longer.
However HTTPS also supports virtual HTTPS servers: SNI does that.
And here is how to use it with HAProxy:
frontend https-in bind *:443 ssl crt /etc/haproxy/ssl/private/ reqadd X-Forward-Proto:\ https acl is_site1 hdr_end(host) -i www1.qw2.org acl is_site2 hdr_end(host) -i www2.qw2.org use_backend site1 if is_site1 use_backend site2 if is_site2
All the magic is in the bind line where a directory with PEM certificates (concat of fullchain.cer and the key)
Now you can have https for everything and HAProxy will handle all the secure connectivity for you.