>> We need to check how haproxy 1.5 ssl-hello-chk behaves, if it's
>> still SSLv3 only, it would probably be a good time to upgrade this
>> to TLS (at least v1.0).
>>
>> Enable SSLv3 on your server or disabled ssl-hello-chk to workaround
>> the issue.
>>
>
> It is, though I would rather add an additional keyword, so like
> 'ssl-hello-chk tls' would activate TLS1.0
Agreed, that way we can backport it to v1.5.
>> The --ssl parameter makes sure here that curl indeed uses
>> SSL. A https:// prefix is would be more "curl-like" though.
>
>
> Mmmh no, I'm really not sure about that.
> --ssl replaces --ftp-ssl in newer versions of curl.
>
> I've just verified and confirm I see plain HTTP.
>
> From curl source code, --ssl sets the option CURLOPT_USE_SSL to
> CURLUSESSL_TRY, which is only used for ftp, imap, smtp, pop3 (as
> documented in the manpage I have).
Right, I just assumed this would work for http as well. That option
is a confusing ...
Regards,
Lukas
