On Centos, after you update openssl, this is one choice ;
..
..
bind 0.0.0.0:443 ssl no-sslv3 crt /etc/ssl/certs/yourkey.pem ciphers
Hi,
Since we can't even properly connect to s_server, that may be the end
of the road for those clients. However, I'm hoping there may be
something that could be configured to allow them through HAProxy.
Below is a s_server log. Note the read failure at the end. A similar
capture in the view
Hi,
On 21.02.2015 13:45, Dennis Jacobfeuerborn wrote:
Hi,
I noticed that when I use my browser (latest Firefox) to connect to
haproxy then it will select an RC4 based cipher even though better
options are available. When I make a connection to e.g.
https://www.google.com/ the browser uses
When I connect to haproxy the client uses:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
When I connect to google.com the client uses:
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
A part from the RC4 vs AES difference here, which you can
probably fix by an appropriate ciphers string, as long as you
are using a
Hi,
I noticed that when I use my browser (latest Firefox) to connect to
haproxy then it will select an RC4 based cipher even though better
options are available. When I make a connection to e.g.
https://www.google.com/ the browser uses the correct cipher instead
(stronger and the first in the list
5 matches
Mail list logo