Features used: acl's / actions / offloading / SNI / certificates
- Some HTTPS traffic is forwarded as-is to the backend while using SNI to select differentiate between different domains
- Some HTTPS traffic is decrypted on haproxy, then host header is used for selecting the backend
- For some domains HTTP traffic is redirected to HTTPS, others are served by the default backend.
If SNI backend selection without offloading is not required for some, then Frontend2 does not need to be configured, and Frontend3 should be configured to listen on WAN:443