Re: SSLv2Hello is disabled

On 02/12/2015 12:41 AM, "Cohen Galit" wrote: > > Hello, > > > > When HAProxy 1.5.9 is trying to sample our servers with this configuration: tcp-check connect port 50443 ssl > > > > Our servers returns an error: > > > > 2015-11-29 09:48:18,155 [StartPoint-IMAP-SSL-Worker(14)]

RE: SSLv2Hello is disabled

On 02/12/2015 10:19 AM, "Lukas Tribus" wrote: > > > On 02/12/2015 12:41 AM, "Cohen Galit" > > > wrote: > > > > > > Hello, > > > > > > > > > > > > When HAProxy 1.5.9 is trying to sample our servers with this > > configuration:

RE: SSLv2Hello is disabled

> On 02/12/2015 12:41 AM, "Cohen Galit" > > wrote: > > > > Hello, > > > > > > > > When HAProxy 1.5.9 is trying to sample our servers with this > configuration: tcp-check connect port 50443 ssl > > > > > > > > Our servers returns an

heartbeat traffic with many instances

Hello, After tests we got best performance with nbproc = 24 (on our setup). However it induces non negligible heartbeat traffic (nbproc=24, on a bunch of haproxy loadbalancers, healthcheｃking hundreds of containers), Is there a way for each machine to delegate their healthchecking to a single

haproxy doesn't get SIGUSR1

I'm using service_loadbalancer from kubernetes ( https://github.com/kubernetes/contrib/tree/master/service-loadbalancer ) . This program would re-spawn haproxy when it found a change of upstream endpoints. When service_loadbalancer starts, it runs haproxy -sf $(cat pidfile) several times very

[SPAM] 回复吴总

haproxy，您好： 施课长 2015-12-2

[no subject]

E����~�&�]接m�桩G臣]4���4C�栽�{P�sm5�^粲��油4 �^N绲 �6�^u�Mt腠<�Ak�f�k+��н��f�k+��н��d���k��j�枨'璁hセ+�乾报 =醋�v�]{�]:篆v�M舒��)麟G(�s�W��fj)z�M醋m��W��*'�@��拽�<�z妆氟ej)z

Re: Contribution for HAProxy: Peer Cipher based SSL CTX switching

Hello Oliver, On 12/1/2015 12:32 AM, Olivier Doucet wrote: > Hello, > > I'm digging out this thread, because having multiple certificate for one > single domain (SNI) but with different key types (RSA/ECDSA) can really > be a great functionality. Is there some progress ? How can we help ? > In

Re: Two questions about lua

On Mon, 30 Nov 2015 18:03:00 +0100 joris dedieu wrote: > Thanks Thierry, for your answers. > > > 2015-11-30 16:53 GMT+01:00 Thierry FOURNIER : > > On Mon, 30 Nov 2015 08:37:00 +0100 > > joris dedieu wrote: > > > >>

Re: Contribution for HAProxy: Peer Cipher based SSL CTX switching

Hi Dave, On Tue, Dec 01, 2015 at 03:04:21PM +, Dave Zhu (yanbzhu) wrote: > I apologize for not responding sooner, I was waiting for more comments before > starting implementation, then this fell off my radar when other > responsibilities picked up. No problem, we're all in the same

Re: Contribution for HAProxy: Peer Cipher based SSL CTX switching

On 2015-12-01 02:03, Willy Tarreau wrote: On Mon, Nov 30, 2015 at 04:20:15PM -0800, Bryan Talbot wrote: If your clients are all "modern" browsers and mobile devices, you're probably good. If there are old clients, or other systems calling an API there can be issues especially if they are

SSLv2Hello is disabled

Hello, When HAProxy 1.5.9 is trying to sample our servers with this configuration: tcp-check connect port 50443 ssl Our servers returns an error: 2015-11-29 09:48:18,155 [StartPoint-IMAP-SSL-Worker(14)] [e8d05153-267f-4378-9a97-5245391ffe26] [] ERROR connection.SSLHandshakeStartPointListener