On Mon, May 09, 2011 at 08:13:43PM +0200, Cyril Bonté wrote:
> Hi,
>
> Le lundi 9 mai 2011 07:41:50, Lauri-Alo Adamson a écrit :
> > Hello!
> >
> > Anyone has not answered yet for my e-mail its sad ! Is there some kind
> > of haproxy developer mailing list where the development versions are
> > subject of disscussion.
>
> Oh yes, it was 1 month ago.
>
> > I have configured a Cisco CSS devices and had some experiences about
> > them. Then I thinked that I try HAproxy development versioon that
> > supports stiky SSL and I installed debian 6.0.1 x86_64 into VMware ESXi
> > vitrualmahine and installed HAproxy 1.5-dev6 . After that I tried to
> > create HAproxy configuration
> > that uses sticky SSL sessions and try to start Haproxy i had following
> > terror message
> >
> > root@haproxy:# /usr/local/sbin/haproxy -f /etc/haproxy/haproxy.conf
> > [ALERT] 101/163223 (1993) : Proxy 'https': type of pattern not usable
> > with type of stick-table 'https'.
> > [ALERT] 101/163223 (1993) : Proxy 'https': type of pattern not usable
> > with type of stick-table 'https'.
> > [ALERT] 101/163223 (1993) : Fatal errors found in configuration.
> >
> > and haproxy demon do not start.
> >
> > If understand correctly I do not need to use tunnel to use SSL sticky
> > sessioon configurations. My SSL sticky sessioon configuration originates
> > form HAproxy 1.5-dev documention folder file configuration.txt example
> > # Learn SSL session ID from both request and response and create
> > affinity
> >
> > I would be pleased if any one could explain is it a bug of the HAproxy
> > development version or is it my configuration problem !
>
> It is a regression in HAProxy, I'll send a patch tonight after doing some
> more
> tests. I've identified a missing line in the code but I must check if there's
> no other parts that can affect the feature.
>
> For now, you can still try with haproxy 1.5-dev3, which doesn't have the bug.
Cyril's fix will be in tomorrow's snapshot if you're interested.
BTW Lauri-Alo, when one of your mail is not replied to in some reasonable
delay ("reasonable" remaining to be defined by you), do not hesitate to
repost. It's quite common on mailing lists that some mails are left
unreplied forever, sometimes because some posters found a solution and
do not report it, sometimes because they changed the initial requirements
etc... I still have quite a number of unread mails in my box that will
probably never be read, as they're simply too old.
Regards,
Willy
