Hello Emeric,
On Wed, 30 May 2018 at 19:34, Lukas Tribus <[email protected]> wrote: > >> Do you have any specific parameter related to ssl in your global section? > > I've confirmed the change in behavior only happens with an ECC > certificate, an RSA certificate is not affected. Just to confirm that this is still an actual problem with current haproxy and openssl 1.1.1pre9. You just have to use a ECC certificate instead of a RSA certificate, and it will fail with TLSv1.1 when strict-sni is enabled. Can you confirm you are seeing the same issue, when using a ECC certificate? Thanks, Lukas
