Nice ! Just set up on my personnal server with 2 wildcard certificates. It seems to work like a charm :)
I use this, TLSv1.2 enabled (so using openssl 1.0.1):
bind :::443 ssl crt /etc/ssl/startssl/haproxy/xwing.info.pem crt
/etc/ssl/startssl/haproxy/ ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-
SHA256:RC4:HIGH:!MD5:!aNULL:!EDH prefer-server-ciphers
Thanks, great job !
--
Guillaume Castagnino
[email protected] / [email protected]
