> > Markus, please follow Willy's advise and remove all force-* configurations > from your bind line, you should use no-sslv3/no-tlsv1[0-2] keywords to > configure specific TLS version, but in this case, as long as you > troubleshooting this, I strongly suggest to not configure any specific TLS > settings. >
i have removed the force-options. so i just have frontend https bind 46.16.74.36:443 ssl crt /opt/haproxy/haproxy.ssl.crt ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:!RC4+RSA:+HIGH:+MEDIUM with dev23 and dev24 i don't see any handshake error messages anymore. thats good. the error messages in the browser came very seldom. so its hard to confirm, that they are gone. but i would suppose, that they are fixed. i will have a look on this and report... thanxs markus
