RE: very simple SNI rules are only sometimes followed

2015-07-02 Thread Lukas Tribus
oops, I still had the link to the pastebinit, which doesn't work on binary files.
https://dropsha.re/files/orange-hound-85/64443-traffic.default.cap
https://dropsha.re/files/angry-dragon-19/64443-traffic.baz.cap
Looks alright. Can you configure logging and check the result:
global

Re: very simple SNI rules are only sometimes followed

2015-07-02 Thread AJ ONeal (Home)
I tried the most naïve approach, but it doesn't output anything as I make curl requests
sudo ssldump \
  -k /usr/local/lib/node_modules/serve-https/node_modules/localhost.daplie.com-certificates/certs/server/my-server.key.pem
So I thought maybe I *must* supply an interface
sudo

RE: very simple SNI rules are only sometimes followed

2015-07-02 Thread Lukas Tribus
To limit verbosity I just captured one full request where it succeeded and then another when it didn't
# this is the one that worked as expected
pastebinit dump.1.tls.bin
http://paste.ubuntu.com/11811750/
# this is the one that went to default anyway

RE: very simple SNI rules are only sometimes followed

2015-07-02 Thread Lukas Tribus
sudo haproxy -db -f /etc/haproxy/haproxy.cfg
Backend IPs are 0.0.0.0. That's probably not what you want. Should be 127.0.0.1 if I understand correctly.
I've edited /etc/hosts so that baz.example.com points to 127.0.0.1
I've created a few bogus servers

Re: very simple SNI rules are only sometimes followed

2015-07-02 Thread AJ ONeal (Home)
Yes, I did switch the frontends from 0.0.0.0 to 127.0.0.1 and restarted the server.
sudo haproxy -db -f /etc/haproxy/haproxy.cfg
sudo tcpdump -ps0 -i lo -w 64443-traffic.0.cap tcp port 64443
curl --insecure https://baz.example.com:64443
dropshare 64443-traffic.default.cap

Re: very simple SNI rules are only sometimes followed

2015-07-02 Thread AJ ONeal (Home)
oops, I still had the link to the pastebinit, which doesn't work on binary files.
https://dropsha.re/files/orange-hound-85/64443-traffic.default.cap
https://dropsha.re/files/angry-dragon-19/64443-traffic.baz.cap
AJ ONeal (317) 426-6525

Re: very simple SNI rules are only sometimes followed

2015-07-02 Thread AJ ONeal (Home)
I tried a few requests
curl --insecure https://baz.example.com:64443
baz on 3443
curl --insecure https://baz.example.com:64443
baz on 3443
curl --insecure https://baz.example.com:64443
baz on 3443
curl --insecure https://baz.example.com:64443
Default on 1443

Re: very simple SNI rules are only sometimes followed

2015-07-02 Thread AJ ONeal (Home)
It looks like you have 2 haproxy processes listening on port 64443. Can you verify that the pid 18887 is not a previous haproxy process still running, with an older configuration routing to foo_bk_default? Maybe you should kill it and relaunch your tests.
Ba that was it!
sudo

Re: very simple SNI rules are only sometimes followed

2015-07-02 Thread Cyril Bonté
Hi,
On 02/07/2015 23:25, AJ ONeal (Home) wrote:
I tried a few requests
curl --insecure https://baz.example.com:64443
baz on 3443
curl --insecure https://baz.example.com:64443
baz on 3443
curl --insecure https://baz.example.com:64443
baz on 3443
curl

Re: very simple SNI rules are only sometimes followed

2015-07-02 Thread AJ ONeal (Home)
I dug a little deeper and found this:
https://transloadit.com/blog/2010/08/haproxy-logging/
And after modifying the log file, I don't get much better, but at least I don't get the ALERT messages:
sudo cat /var/log/haproxy_1.log
Jul 2 21:39:51 localhost haproxy[27997]: message repeated 3