Hello Ben,
On Wed, 3 Nov 2021 at 12:55, Ben Hart wrote:
>
> Thanks again Lukas!
> So the server directive's use of a cert or CA file is only to
> verify the identity of the server in question.
No, "crt" (a certificate including private key) and "ca-file" (the
public certificate of a CA) are two
Thanks again Lukas! So the server directive's use of a cert or CA file is only
to verify the identity of the server in question. So the SSL crt speciied in
the frontend, does that secure only the connection to Haproxy or is it
passed-through to the server connection as well? I might be misunder
Hello Ben,
On Wed, 3 Nov 2021 at 03:54, Ben Hart wrote:
>
> I wonder, can I ask if the server directives are correct insofar as
> making a secured connection to the backend server entries?
>
> I'm told that HAP might be connecting by IP in which case the
> SSL cert would be useless
The document
Oh nice.. Thanks for the second set of eyes Lukas. So funnily enough I was
planning on doing a capture.. I just don’t have access to a system in that
environment yet. So since I'm on the topic of the config syntax... I wonder,
can I ask if the server directives are correct insofar as making a
Hello,
On Tue, 2 Nov 2021 at 21:24, Ben Hart wrote:
>
> In the config (pasted here
> https://0bin.net/paste/1aOh1F4y#qStfT0m0mER3rhI3DonDbCsr0NRmVuH9XiwvagEkAiE)
> My questions surround the syntax of the config file..
Most likely those clients don't send SNI. Capture the SSL handshake
and ver
Hey all! So I’m setting up.. or have setup rather.. a few new production load
balancer servers to be used for handling LDAPS connections. Anyway last week
I encountered some client requests that were directed at ldaps.domain.com:636
and were given the wrong SSL cert. In the config (pasted her
6 matches
Mail list logo
