On Thu, Mar 17, 2016 at 10:47 AM, Igor Cicimov < [email protected]> wrote:
> > > On Thu, Mar 17, 2016 at 5:29 AM, Zachary Punches <[email protected]> > wrote: > >> I’m not, these guys aren’t sitting behind an ELB. They sit behind route53 >> routing. If one of the proxy boxes fails 3 checks in 30 seconds (with 4 >> checks done a second) then Route53 changes its routing from the first proxy >> box to the second >> >> >> >> >> On 3/15/16, 9:46 PM, "Baptiste" <[email protected]> wrote: >> >> >Maybe you're checking a third party VM :) >> > >> > > AFAIK the Route53 health checks come from different points around the > globe and it is possible that at some time of the day AWS has scheduled > some specific end points to perform the HC. And it is possible that those > ones have different SSL settings from the ones performing the HC during > your day time. I would suggest you bring up this issue with AWS support, > let them know your SSL cypher settings in HAP and ask if they are > compatible with ALL their servers performing SSL health checks. > > I personally haven't seen any issues with failed SSL handshakes coming > from AWS servers and have HAP's running in AU and UK regions. > > Igor > That is if you are absolutely sure that the failed handshakes are not caused by overload or misconfigured (system) settings on HAP
