Hello, On 1/6/2017 1:55 AM, Vitaly Pecharsky wrote: > haproxy -vv > HA-Proxy version 1.7.1 2016/12/13 > Copyright 2000-2016 Willy Tarreau <[email protected]>
As you are running 1.7 and OpenSSL 1.1.0, you don't need to do this any more. HAProxy can now natively support ECC/RSA/DSA based on client support. Check https://cbonte.github.io/haproxy-dconv/configuration-1.7.html#5.1-crt > unix-bind prefix /var/run/ mode 600 user haproxy group haproxy unix-bind only affects bind lines and because of this: > server example-ecc-rsa-in unix@haproxy_example_rsa_in.sock send-proxy You need to change this to unix@/var/run/haproxy_example_rsa_in.sock. Regards, Nenad
