> Hi, > > I'm an admin for a software dev company. We host our software in the > AWS cloud, using HAProxy as an entry point to a private VPC. Our > HAProxy handles SSL. Recently, we've had an issue that we can reproduce > on multiple proxies. > We found that running the following test against our proxies causes the > HAProxy service to crash or hang: > https://www.ssllabs.com/ssltest/analyze.html > > We have to restart the HAProxy service for it to begin responding > again. The crash seems to be related to cipher suite testing; HAProxy > seems to crash during the part of that SSLlabs.com test called "testing > deprecated cipher suites", and we found the solution is to specify a > particular list of ciphers using the option "ssl-default-bind-ciphers".
Sounds like the CentOS 6.4 issue: http://blog.tinola.com/?e=36 Are you using CentOS 6.4? What about chroot? Some more outputs like haproxy -vv or a crash backtrace would be useful, yes. cheers, lukas
