This is an unfortunate part of the http/1 spec (http/2 makes this much better
with the goaway messages so the client knows for sure if the server processed
the request)
Including the time out in the header is nice, although I'm not sure how many
clients/client libraries will pick up on that.
Hi!
Thanks for the response. I had looked at the "hold" directives, but since they
all seem to have reasonable defaults, I did not touch them.
I specified 10s explictly, but it did not make a difference.
I did some more tests, however, and it seems to have more to do with the number
of
Hi,
I am encountering a problem with http 1.1 clients that reuse their connection
just at the same moment that HAProxy is closing it, resulting in socket hangup
ECONNRESET style errors. Version is 1.9.4.
In our haproxy config we have something like :
timeout http-keep-alive 5s
A client
Hello Jarno,
thanks for your suggestions. It was not successful.
However, I managed to make it reproductible. I would be really happy, if
someone more experienced would take a look on this.
Setup
Client (Chrome) -> Haproxy (Docker) -> Jetty (Docker)
The client executes following script, it
Any attempt to put TLS 1.3 ciphers on servers failed with output 'unable
to set TLS 1.3 cipher suites'.
This was due to usage of SSL_CTX_set_cipher_list instead of
SSL_CTX_set_ciphersuites in the TLS 1.3 block (protected by
OPENSSL_VERSION_NUMBER >= 0x10101000L & so).
Signed-off-by: Pierre
Hello Daniel,
You might be missing the hold-valid directive in your resolvers section:
https://www.haproxy.com/documentation/hapee/1-9r1/onepage/#5.3.2-timeout
This should force HAProxy to fetch the DNS record values from the resolver.
A reload of the HAProxy instance also forces the
The converted can be used to decrypt the raw byte input using the
AES-GCM algorithm, using provided nonce, key and AEAD tag. This can
be useful to decrypt encrypted cookies for example and make decisions
based on the content.
---
doc/configuration.txt | 11
src/ssl_sock.c| 140
Hello!
Friendly bump :)
I'd be willing to amend the documentation once I understand what's going on :D
Cheers,
Daniel
> On 18. Mar 2019, at 20:28, Daniel Schneller
> wrote:
>
> Hi everyone!
>
> I assume I am misunderstanding something, but I cannot figure out what it is.
> We are using
Hug
9 matches
Mail list logo