Hi, We have a client-haproxy-server setup like this https://imgur.com/bxV3BA9, we use apache and jetty httpclient for http1.1 and http2 requests respectively. Our http request will take 2 secs to 10 mins for processing a request depends on the request type. Some of the requests returns null as response(whereas, the request is received and processed succesfully by server which I can verify via server logs) which triggers *org.apache.http.MalformedChunkCodingException: Unexpected content at the end of chunk *on the client side and this problem is happening with http1.1 requests for a speicifc type of requests, I tried tweaking timeouts and tried to fix this but its doesnt help me and timeout does not have a pattern. Each request timeout is having diff timeout values like 5 secs, 12secs, 27 secs or even 45secs. This error dissapears if I remove haproxy and connect directly yo server. my config file as follows,
global log 127.0.0.1 local2 chroot /var/lib/haproxy user haproxy group haproxy daemon tune.ssl.cachesize 200000 ssl-dh-param-file /etc/haproxy/dhparam.pem # Default SSL material locations ca-base /etc/ssl/certs crt-base /etc/ssl/private # Obtained from https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11 ssl-default-server-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 ssl-default-server-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 ssl-default-server-options no-sslv3 no-tlsv10 no-tlsv11 defaults log global maxconn 2000 mode http option dontlognull option httplog timeout connect 5000 frontend https timeout client 10m timeout http-keep-alive 10m timeout http-request 10m # add X-FORWARDED-FOR & X-CLIENT-IP (IP forwarding to access logs) #http-request add-header X-CLIENT-IP %[src] option forwardfor bind *:6060 ssl crt /etc/haproxy/sample-key.pem alpn h2,http/1.1 default_backend desired_backend backend desired_backend timeout server 10m fullconn 2000 server http1.1 localhost:5050 check It wil be great if someone can shed some light on it, TIA -- *With Regards,* *Santhosh Kumar J*