Re: Error on "tcp-check connect port 3389 ssl" in config
You where right! I forgot to install the newly compiled binary, working with the one without ssl support! On Thu, Aug 31, 2017 at 1:28 PM, Cyril Bonté wrote: > Hi Thomas, > >> De: "Thomas Schweikle" >> À: haproxy@formilux.org >> Envoyé: Jeudi 31 Août 2017 12:48:39 >> Objet: Error on "tcp-check connect port 3389 ssl" in config >> >> Hi! >> >> Trying to configure haproxy to act as a connection broker and load >> balancer for RDP (aka Microsoft Terminal Services). >> >> While configuring the backend, I found haproxy choke on >> >> tcp-check connect port 3389 ssl >> >> with message: >> >> [ALERT] 242/124152 (6066) : parsing [/etc/haproxy/haproxy.cfg:33] : >> 'tcp-check connect' expects 'comment', 'port', 'send-proxy' or but >> got >> 'ssl' as argument. >> >> Within the handbook I find (section "tcp-check connect"): >> >> tcp-check connect port 443 ssl >> >> If it chokes on this -- is it a bug? Or anything else? >> >> # haproxy -v >> HA-Proxy version 1.7.9 2017/08/18 >> Copyright 2000-2017 Willy Tarreau > > I guess that you compiled haproxy yourself and forgot to enable the SSL > support. > If you run the following command : > haproxy -vv > it will probably show you that haproxy was compiled without SSL support. > > Cyril Bonté -- Thomas
Re: Error on "tcp-check connect port 3389 ssl" in config
Hi Thomas, > De: "Thomas Schweikle" > À: haproxy@formilux.org > Envoyé: Jeudi 31 Août 2017 12:48:39 > Objet: Error on "tcp-check connect port 3389 ssl" in config > > Hi! > > Trying to configure haproxy to act as a connection broker and load > balancer for RDP (aka Microsoft Terminal Services). > > While configuring the backend, I found haproxy choke on > > tcp-check connect port 3389 ssl > > with message: > > [ALERT] 242/124152 (6066) : parsing [/etc/haproxy/haproxy.cfg:33] : > 'tcp-check connect' expects 'comment', 'port', 'send-proxy' or but > got > 'ssl' as argument. > > Within the handbook I find (section "tcp-check connect"): > > tcp-check connect port 443 ssl > > If it chokes on this -- is it a bug? Or anything else? > > # haproxy -v > HA-Proxy version 1.7.9 2017/08/18 > Copyright 2000-2017 Willy Tarreau I guess that you compiled haproxy yourself and forgot to enable the SSL support. If you run the following command : haproxy -vv it will probably show you that haproxy was compiled without SSL support. Cyril Bonté
Error on "tcp-check connect port 3389 ssl" in config
Hi! Trying to configure haproxy to act as a connection broker and load balancer for RDP (aka Microsoft Terminal Services). While configuring the backend, I found haproxy choke on tcp-check connect port 3389 ssl with message: [ALERT] 242/124152 (6066) : parsing [/etc/haproxy/haproxy.cfg:33] : 'tcp-check connect' expects 'comment', 'port', 'send-proxy' or but got 'ssl' as argument. Within the handbook I find (section "tcp-check connect"): tcp-check connect port 443 ssl If it chokes on this -- is it a bug? Or anything else? # haproxy -v HA-Proxy version 1.7.9 2017/08/18 Copyright 2000-2017 Willy Tarreau backend bk_rdp mode tcp balance leastconn timeout server 1h timeout connect 4s log global option tcplog stick-table type string len 32 size 10k expire 8h peers nxmux stick on rdp_cookie(mstshash) option tcp-check tcp-check connect port 3389 ssl default-server inter 3s rise 2 fall 3 #server nxnode01 10.169.16.105:3389 weight 10 check #server nxnode02 10.169.16.106:3389 weight 10 check server nxnode03 10.169.16.107:3389 weight 10 check server nxnode04 10.169.16.108:3389 weight 10 check -- Thomas