yes, stunnel was my original inspiration for this request, I wanted HAproxy to communicate with stunnel-backed services. actually, stunnel implements both PSK server and PSK client and it would make sense for HAproxy to have both. TLS 1.3 also appears to significantly improve PSK with combinations such as RSA-PSK and ECDHE-PSK, so that appears to have future usability as well.
Regards, Gil On Sun, Jan 1, 2017 at 5:41 PM, Igor Pav <[email protected]> wrote: > Stunnel supports it, https://www.stunnel.org/auth.html, quite simple. > > On Sun, Jan 1, 2017 at 4:34 PM, Willy Tarreau <[email protected]> wrote: > > On Sun, Jan 01, 2017 at 01:16:37AM +0800, Igor Pav wrote: > >> Sounds good for SSL backend, is this possible? > > > > Indeed that sounds interesting for such use cases. I have no idea what it > > requires to set it up nor what needs to be configurable. Does anyone have > > any pointer to any product supporting it ? > > > > Willy >
