Hi all,
The last 2 task I need to to after final decision of the migration from
NGINX is
1) SSL SNI with SSL offload
As I read the docs, this is supported only in version 1.%, which is still
not stable. Is there any way how to do this on 1.$ without nginx as
frontend?
2) SSL client verfication
Hi Peter!
1) SSL SNI with SSL offload
As I read the docs, this is supported only in version 1.%, which is still
not stable. Is there any way how to do this on 1.$ without nginx as
frontend?
SSL offload does work only in 1.5. In 1.4 you need to do this with stunnel
or stud, but that's a lot
To: Hudec Peter phu...@cnc.sk, haproxy@formilux.org
haproxy@formilux.org
Subject: RE: ssl sni and client certificate verification
Hi Peter!
1) SSL SNI with SSL offload
As I read the docs, this is supported only in version 1.%, which is
still
not stable. Is there any way how to do this on 1
...@hotmail.com
Date: Tuesday, July 2, 2013 10:24 AM
To: Hudec Peter phu...@cnc.sk, haproxy@formilux.org
haproxy@formilux.org
Subject: RE: ssl sni and client certificate verification
Hi Peter!
1) SSL SNI with SSL offload
As I read the docs, this is supported only in version 1.%, which
: Re: ssl sni and client certificate verification
Hi Peter,
A few more information about HAProxy features and client certificate:
http://blog.exceliance.fr/2012/10/03/ssl-client-certificate-management-at-
application-level/
http://blog.exceliance.fr/2013/06/13/ssl-client-certificate-information
On 02.07.2013 10:39, Hudec Peter wrote:
Thanks Lukas,
I will try 1.5 version.
But for Debian this version is in experimental now ;( I will look if
some
already done for Wheezy.
I have 1.5 packages for amd64 on my site. They are based on the
packaging done by Vincent Bernat. They Work For
On Tue, Jul 2, 2013 at 9:39 AM, Hudec Peter phu...@cnc.sk wrote:
Thanks Lukas,
I will try 1.5 version.
But for Debian this version is in experimental now ;( I will look if some
already done for Wheezy.
It's really easy to build from source
❦ 2 juillet 2013 10:39 CEST, Hudec Peter phu...@cnc.sk :
But for Debian this version is in experimental now ;( I will look if some
already done for Wheezy.
It's really easy to backport the version in experimental for Wheezy:
dget
8 matches
Mail list logo