Re: RFC: PKCS#11 create private keys in worker process

2024-03-28 Thread Richard Chan
"Did you identify why the fork was causing an issue? We should probably try to understand this before, it could be something stupid in haproxy's code or in the pkcs11 provider." - PKCS#11 drivers contain session objects and handles to private keys in the HSM; these session objects and handles

Re: Help tracking "connection refused" under pressure on v2.9

2024-03-28 Thread Ricardo Nabinger Sanchez
Hi Willy, On Thu, 28 Mar 2024 04:37:11 +0100 Willy Tarreau wrote: > Thanks guys! So there seems to be an annoying bug. However I'm not sure > how this is related to your "connection refused", except if you try to > connect at the moment the process crashes and restarts, of course. I'm > seeing

Re: RFC: PKCS#11 create private keys in worker process

2024-03-28 Thread William Lallemand
On Thu, Mar 28, 2024 at 08:26:58AM +0800, Richard Chan wrote: > Hello, > > This is an RFC to recreate private keys in the worker process > for PKCS#11, so that HSM keys can be used in -W mode. > > - ssl_ckch.c: add map of ckch_data to PEM data > - ssl_sock.c: add map of SSL_CTX* to ckch_data > -

Re: About the SPOE

2024-03-28 Thread Christopher Faulet
Thanks Lokesh, Abhijeet and Aleksandar for your feedback. This truly helps us. Thanks too to Pierre and Mattia for their feedback on the request mirroring. Rest assured that we take this into account in our reflections. After some internal discussions and also regarding the feedback we had

About the SPOE

2024-03-28 Thread Pierre Cheynier
Hi list, We have a few usages of SPOE, mainly: * HTTP traffic mirroring. It's being discussed on GH, more details here: https://github.com/haproxy/haproxy/issues/2471#issuecomment-2007261494 * authentication (because we used to have 2 auth methods and it helped developing one backend to handle

Re: [PATCH] BUG/MINOR: server: fix persistence cookie for dynamic servers

2024-03-28 Thread Amaury Denoyelle
On Wed, Mar 27, 2024 at 02:34:25PM +, Damien Claisse wrote: > When adding a server dynamically, we observe that when a backend has a > dynamic persistence cookie, the new server has no cookie as we receive > the following HTTP header: > set-cookie: test-cookie=; Expires=Thu, 01-Jan-1970