Hello, On 11/19/2014 12:16 AM, Lukas Tribus wrote:
We need to check how haproxy 1.5 ssl-hello-chk behaves, if it's still SSLv3 only, it would probably be a good time to upgrade this to TLS (at least v1.0). Enable SSLv3 on your server or disabled ssl-hello-chk to workaround the issue.
It is, though I would rather add an additional keyword, so like 'ssl-hello-chk tls' would activate TLS1.0 (we can consider adding tls1.1, tls1.2, though not sure those are of any interest).
Regards, Nenad
