Problem solved nc wasn’t working correctly on my linux distro switched to netcat and it started working properly
On 26 Jul 2014, at 09:18, William Lewis <[email protected]> wrote: > Hi all, > > I’m trying to setup OCSP stapling for my setup, I’ve got it working on reload > but am trying to use the stats socket to update the responses. > > My dev setup on OS X works as expected, > > I run the following > > echo "set ssl ocsp-response $(base64 -w 10000 ${CERT}.ocsp)" | nc $STATS_HOST > $STATS_PORT > > and get the response from the socket > > OCSP Response updated! > > But when I run this on my linux staging server the stats socket just closes > with no response. > > > How do I debug what is going wrong? > > > DEV: > > $ /usr/local/sbin/haproxy -vv > HA-Proxy version 1.5.3 2014/07/25 > Copyright 2000-2014 Willy Tarreau <[email protected]> > > Build options : > TARGET = generic > CPU = generic > CC = gcc > CFLAGS = -m64 -march=x86-64 -O2 -g -fno-strict-aliasing > OPTIONS = USE_ZLIB=yes USE_OPENSSL=1 USE_PCRE=1 > > Default settings : > maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 > > Encrypted password support via crypt(3): no > Built with zlib version : 1.2.8 > Compression algorithms supported : identity, deflate, gzip > Built with OpenSSL version : OpenSSL 1.0.1g 7 Apr 2014 > Running on OpenSSL version : OpenSSL 1.0.1g 7 Apr 2014 > OpenSSL library supports TLS extensions : yes > OpenSSL library supports SNI : yes > OpenSSL library supports prefer-server-ciphers : yes > Built with PCRE version : 8.35 2014-04-04 > PCRE library supports JIT : no (USE_PCRE_JIT not set) > > Available polling systems : > poll : pref=200, test result OK > select : pref=150, test result OK > Total: 2 (2 usable), will use poll. > > STAGING: > > $ /usr/local/sbin/haproxy -vv > HA-Proxy version 1.5.3 2014/07/25 > Copyright 2000-2014 Willy Tarreau <[email protected]> > > Build options : > TARGET = linux2628 > CPU = generic > CC = gcc > CFLAGS = -m64 -march=x86-64 -O2 -g -fno-strict-aliasing > OPTIONS = USE_ZLIB=yes USE_OPENSSL=1 USE_PCRE=1 > > Default settings : > maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 > > Encrypted password support via crypt(3): yes > Built with zlib version : 1.2.3 > Compression algorithms supported : identity, deflate, gzip > Built with OpenSSL version : OpenSSL 1.0.1h 5 Jun 2014 > Running on OpenSSL version : OpenSSL 1.0.1h 5 Jun 2014 > OpenSSL library supports TLS extensions : yes > OpenSSL library supports SNI : yes > OpenSSL library supports prefer-server-ciphers : yes > Built with PCRE version : 7.8 2008-09-05 > PCRE library supports JIT : no (USE_PCRE_JIT not set) > Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT > IP_FREEBIND > > Available polling systems : > epoll : pref=300, test result OK > poll : pref=200, test result OK > select : pref=150, test result OK > Total: 3 (3 usable), will use epoll. >
