Hi, I'm an admin for a software dev company. We host our software in the AWS cloud, using HAProxy as an entry point to a private VPC. Our HAProxy handles SSL. Recently, we've had an issue that we can reproduce on multiple proxies. We found that running the following test against our proxies causes the HAProxy service to crash or hang: https://www.ssllabs.com/ssltest/analyze.html
We have to restart the HAProxy service for it to begin responding again. The crash seems to be related to cipher suite testing; HAProxy seems to crash during the part of that SSLlabs.com test called "testing deprecated cipher suites", and we found the solution is to specify a particular list of ciphers using the option "ssl-default-bind-ciphers". We are using HAProxy 1.6.2. We are able to reproduce the issue on 1.6.3 also. Although we have a solution, and we can reproduce in a test environment consistently, we're unable to find a cause for this behaviour. Any ideas? I can provide obfuscated configs and logs if needed, although logging doesn't seem to shed much light. Thanks in advance! -Phil
