Hi I am still trying to get TLS to work, but with so far no luck.
Haproxy: fc00:####:####:##61::11 Server: fc00:####:####:##22::11 (Exchange server) When I run my mini HAProxy test script, HAproxy close the connection with Encryption Alert or as it shows in the log file: failed, reason: Layer7 invalid response, check duration: 10ms I have tried to look into the traffic with Wireshark, and it is here I can see that it is terminated with "Encryption Alert (21)" But why, I cannot see, and I cannot find a way to get more information out of Haproxy. Both wget and curl with the certificate work as it should and reply 200 ok. curl https://xmail.XXXXXX.dk/ecp/healthcheck.htm --cacert crt5.pem 200 OK Crt5.pem = public + intermediates + Root CA + Private This is the code there produce the connection: Backend HA_DAG_XMail_ECP mode http id 503 log global balance roundrobin option log-health-checks option httpchk GET /ecp/healthcheck.htm http-check expect status 200 Here is the TLS output from Wireshark: 27 15:54:19,399602 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 324 Client Hello 30 15:54:19,401908 fc00:####:####:##22::11 fc00:####:####:##61::11 TLSv1.2 694 Server Hello, Certificate, Server Key Exchange, Server Hello Done 34 15:54:19,405761 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 232 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message 35 15:54:19,407486 fc00:####:####:##22::11 fc00:####:####:##61::11 TLSv1.2 125 Change Cipher Spec, Encrypted Handshake Message 36 15:54:19,407584 fc00:####:####:##22::11 fc00:####:####:##61::11 TLSv1.2 143 Application Data 39 15:54:19,407936 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 159 Application Data 43 15:54:21,410207 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 324 Client Hello 46 15:54:21,412491 fc00:####:####:##22::11 fc00:####:####:##61::11 TLSv1.2 694 Server Hello, Certificate, Server Key Exchange, Server Hello Done 50 15:54:21,416660 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 232 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message 51 15:54:21,418423 fc00:####:####:##22::11 fc00:####:####:##61::11 TLSv1.2 125 Change Cipher Spec, Encrypted Handshake Message 52 15:54:21,418561 fc00:####:####:##22::11 fc00:####:####:##61::11 TLSv1.2 143 Application Data 55 15:54:21,418931 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 159 Application Data 56 15:54:21,419013 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 105 Encrypted Alert 61 15:54:23,421367 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 324 Client Hello 64 15:54:23,423533 fc00:####:####:##22::11 fc00:####:####:##61::11 TLSv1.2 694 Server Hello, Certificate, Server Key Exchange, Server Hello Done 68 15:54:23,427943 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 232 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message 69 15:54:23,430107 fc00:####:####:##22::11 fc00:####:####:##61::11 TLSv1.2 125 Change Cipher Spec, Encrypted Handshake Message 70 15:54:23,430252 fc00:####:####:##22::11 fc00:####:####:##61::11 TLSv1.2 143 Application Data 73 15:54:23,430653 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 159 Application Data 74 15:54:23,430666 fc00:####:####:##61::11 fc00:####:####:##22::11 TLSv1.2 105 Encrypted Alert Regards Henning
