Re: Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-15 Thread William Lallemand
On Mon, Jun 15, 2020 at 03:48:40PM +0200, Tim Düsterhus wrote:
> William,
>
> On 15.06.20 at 14:56, William Lallemand wrote:
> > I think I found the problem, could you try the attached patch for 2.1?
> >
>
> I'd prefer not, because I don't have a staging system where I could
> easily reproduce

Re: Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-15 Thread Tim Düsterhus
William,

On 15.06.20 at 14:56, William Lallemand wrote:
> I think I found the problem, could you try the attached patch for 2.1?
>

I'd prefer not, because I don't have a staging system where I could easily reproduce the issue (and generating SSL certs to test this properly is annoying). I was e

Re: Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-15 Thread William Lallemand
On Sat, Jun 13, 2020 at 04:55:53PM +0200, Tim Düsterhus wrote:
> William,
>
> On 13.06.20 at 16:46, Tim Düsterhus wrote:
> > tune.ssl.default-dh-param 2048 solved the issue for me.
> >
> > I'd argue that this is a bug in HAProxy nonetheless, because apparently
> > the crt-list file is not fully

Re: Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-13 Thread Tim Düsterhus
William,

On 13.06.20 at 16:46, Tim Düsterhus wrote:
> tune.ssl.default-dh-param 2048 solved the issue for me.
>
> I'd argue that this is a bug in HAProxy nonetheless, because apparently
> the crt-list file is not fully parsed in case of DH parameter warnings
> (not errors).

In fact I can remembe

Re: Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-13 Thread Tim Düsterhus
Dear List,

On 13.06.20 at 16:11, Tim Düsterhus wrote:
> Any ideas?
>

Looking at the startup warnings is always a good idea:

> Jun 13 14:40:52 *snip* haproxy[15815]: [WARNING] 164/144052 (15815) :
> Reexecuting Master process
> Jun 13 14:40:52 *snip* haproxy[15815]: [WARNING] 164/144052 (15815

Broken SNI with crt-list for HAProxy 2.1.x after upgrade from Stretch to Buster

2020-06-13 Thread Tim Düsterhus
Dear List,

I finally got around to upgrading my personal box from Debian Stretch to Debian Buster. Unfortunately after the upgrade all my HTTP hosts failed to work, because I use `strict-sni` as well as a strict `crt-list`.

Software versions before the upgrade:

HAProxy 2.1.7-1~bpo9+1
lib