Hi,
lately I had to define multiple acls in our pfsense box runnign HaProxy 1.6.x.
The challenge was to configure a frontend with multiple URLs as ACLs and also
limit IPs to some URLs and some other avaiable to any or a different set of IPs.
Example:
a_url1 --> host match
Hi Georg,
tried this already without effect.
- Julian
-Ursprüngliche Nachricht-
Von: Georg Faerber [mailto:ge...@riseup.net]
Gesendet: Mittwoch, 30. August 2017 11:51
An: haproxy@formilux.org
Betreff: Re: Enable SSL Forward Secrecy
On 17-08-30 09:33:23, Julian Zielke wrote:
>
-EDE-CBC-SHA
Von: Julian Zielke [mailto:jzie...@next-level-integration.com]
Gesendet: Mittwoch, 30. August 2017 12:23
An: Daniel Schneller <daniel.schnel...@centerdevice.com>
Cc: Georg Faerber <ge...@riseup.net>; haproxy+h...@formilux.org
<haproxy@formilux.org>
Betreff: AW:
An: Julian Zielke <jzie...@next-level-integration.com>
Cc: haproxy+h...@formilux.org <haproxy@formilux.org>
Betreff: Re: Enable SSL Forward Secrecy
Hi,
You might want to include a link to your Qualys results to help others see what
exactly they say.
At a casual glance the ciphers looks ok,
.
* Julian
Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 11:58
An: Julian Zielke <jzie...@next-level-integration.com>
Cc: Georg Faerber <ge...@riseup.net>; haproxy+h...@formilux.org
<haproxy@formilux.org>
Betreff: Re: Enable S
Hi,
I'm struggeling with enabling SSL forward secrecy in my haproxy 1.7 setup.
So far the global settings look like:
tune.ssl.default-dh-param 2048 # tune shared secred to 2048bits
ssl-default-bind-options force-tlsv12 no-sslv3
ssl-default-bind-ciphers
* Julian
Von: Daniel Schneller [mailto:daniel.schnel...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 12:21
An: Julian Zielke <jzie...@next-level-integration.com>
Cc: Georg Faerber <ge...@riseup.net>; haproxy+h...@formilux.org
<haproxy@formilux.org>
Betreff: Re: Enable S
An: Julian Zielke <jzie...@next-level-integration.com>
Cc: Georg Faerber <ge...@riseup.net>; haproxy+h...@formilux.org
<haproxy@formilux.org>
Betreff: Re: Enable SSL Forward Secrecy
Well, that’s quite extensive.
But still, the server at
portal-vonovia.next-level-apps
...@centerdevice.com]
Gesendet: Mittwoch, 30. August 2017 15:54
An: Cyril Bonté <cyril.bo...@free.fr>
Cc: Julian Zielke <jzie...@next-level-integration.com>;
haproxy+h...@formilux.org <haproxy@formilux.org>
Betreff: Re: Enable SSL Forward Secrecy
Darn! Looking at the “openssl cipher
Hi Cyril,
tired it without success. Maybe HaProxy isn't just capable of doing this.
Julian
-Ursprüngliche Nachricht-
Von: Cyril Bonté [mailto:cyril.bo...@free.fr]
Gesendet: Mittwoch, 30. August 2017 14:49
An: Julian Zielke <jzie...@next-level-integration.com>
Cc: haproxy@formil
10 matches
Mail list logo