frontend https-in
    bind *:443
    tcp-request inspect-delay 3s
    tcp-request content accept if { req.ssl_hello_type 1 }

    acl tls req.ssl_hello_type 1
    acl has_sni req.ssl_sni -m found

    use_backend ocserv if tls { req.ssl_sni -i [ocserv domain] }
    use_backend https-out if tls { req.ssl_sni -i [domian] }

backend ocserv
    mode tcp
    option ssl-hello-chk
    server server-vpn send-proxy-v2 # ocserv工作在本地999端口

backend https-out
    server server-web check #https工作在本地4443端口

listen-proxy-proto = true


HAProxy forwarding to HTTPS sites

How to share the same port for VPN and HTTP