Basic question on send-proxy:
If the HAProxy server configuration has both SSL and send-proxy, should the
proxy protocol header be sent encrypted within the SSL packet? On
1.5-dev22, I see it being sent outside of the encrypted envelope. This
causes a handshake failure, even when connecting to another HAProxy (that
is, one with SSL and accept-proxy configured).
frontend haproxy
mode tcp
bind 10.10.10.242:8443 name example ssl crt
/etc/haproxy/keys/haproxy2.pem verify required ca-file
/etc/haproxy/keys/rootCA.pem
default_backend backend_with_proxy_protocol
backend backend_with_proxy_protocol
server server1 10.10.10.243:8443 ssl crt
/etc/haproxy/keys/haproxy2.pem verify required ca-file
/etc/haproxy/keys/rootCA.pem send-proxy
Bob
