Wow, Many thanks!I implement these configurations, I will keep you
updated!
Best Regards,Domenico
Il giorno mar, 21/04/2020 alle 10.19 +0200, William Lallemand ha
scritto:
> On Tue, Apr 21, 2020 at 10:07:27AM +0200, Domenico Briganti wrote:
> > Thanks William, yes, the reload of haproxy is a
On Tue, Apr 21, 2020 at 10:07:27AM +0200, Domenico Briganti wrote:
> Thanks William, yes, the reload of haproxy is a feasible way, I hadn't
> noticed.I have just one doubt, since I update the crl every day and I
> have mqtt connections that can stay connected for days, at the end I
> can have
Thanks William, yes, the reload of haproxy is a feasible way, I hadn't
noticed.I have just one doubt, since I update the crl every day and I
have mqtt connections that can stay connected for days, at the end I
can have many haproxy process running, one a day, until all old
connection (of that
Hello,
On Mon, Apr 20, 2020 at 03:15:57PM +0200, Domenico Briganti wrote:
> Ciao Marco, thanks for your help.
> We've found the problem, we do need also the CRL from ROOT CA on top of
> the file passed to crl-file parameter, thant contein already the
> intermediate crl.
> But now we have
Ciao Marco, thanks for your help.
We've found the problem, we do need also the CRL from ROOT CA on top of
the file passed to crl-file parameter, thant contein already the
intermediate crl.
But now we have another challenges, but we're going to loose this time
as already discussed in [1] and [2].
Hi!
Il 17/04/20 18:43, Davide Guarneri ha scritto:
crt /etc/haproxy/ssl/cert.pem ca-file /etc/haproxy/ssl/ca-chain.cert.pem
verify required crl-file /etc/haproxy/ssl/intermediate.crl.pem
I would verify how the certificates and the keys are placed in the files.
/etc/haproxy/ssl/cert.pem must
Hello everyone,
I'm trying to setup haproxy to handle TLS request with mutual
authentication and CRL,
here's an extract of the current configuration:
```
frontend mqtts_frontend
bind *:8883 ssl crt /etc/haproxy/ssl/cert.pem ca-file
/etc/haproxy/ssl/ca-chain.cert.pem verify required
7 matches
Mail list logo