Hi Lukas,
I've just made some tests using openssl-1.1.1-pre6 and can't reproduce the
issue.
here my simple configuration:
frontend my
mode http
bind :443 ssl crt default strict-sni
redirect location /
(default certificate CN is aloha)
I've tested with openssl-1.1.1-pre6 as client without issue (same thing with
1.0.2g)
openssl s_client -connect 10.0.3.168:443 -tls1_1 -servername aloha
HS => OK
openssl s_client -connect 10.0.3.168:443 -tls1 -servername aloha
HS => OK
openssl s_client -connect 10.0.3.168:443 -tls1 -servername foobar
HS => KO
My haproxy sources are latest 1.8 + some backports from dev branch
Do you have any specific parameter related to ssl in your global section?
R,
Emeric
