Hello Phil, We have to restart the HAProxy service for it to begin responding again. > The crash seems to be related to cipher suite testing; HAProxy seems to > crash during the part of that SSLlabs.com test called "testing deprecated > cipher suites", and we found the solution is to specify a particular list > of ciphers using the option "ssl-default-bind-ciphers". >
> > We are using HAProxy 1.6.2. We are able to reproduce the issue on 1.6.3 > also. > I'm heavily using both HAProxy and SSLLabs check, and never experienced any crash. Which version of OpenSSL are you using ? Is it compiled static in haproxy ? Sending the output of both "haproxy -vvv" and "openssl version" would help, with an example of your haproxy config file (you can remove sensitive information. What would be really useful is the cipher suite you are using). Olivier
