Hi Arne,
I ran sudo haproxy -d -f /etc/haproxy/haproxy.cfg haproxy-d.log
21 to capture the log output, I can't see anything obvious...
In fact, I don't see anything wrong with these logs ...
Looking at the bisected commit, I highly suspect a SNI related regression.
I assume SSLexplorer
On Fri, May 31, 2013 at 9:41 AM, Lukas Tribus luky...@hotmail.com wrote:
Hi Arne,
I ran sudo haproxy -d -f /etc/haproxy/haproxy.cfg haproxy-d.log
21 to capture the log output, I can't see anything obvious...
In fact, I don't see anything wrong with these logs ...
Looking at the bisected
Apologies for not making this clearer, it is the SSLExplorer _Agent_ that
fails.
By agent you mean the client which is on the frontend from a HAProxy
perspective?
I can spin up an XP VM and test that IE 6 can connect to the
SSLExplorer web interface over HAProxy 18-39 but as I'm not using
Hi,
My bad…
This fix should solve the issue
diff -ru haproxy-ss-20130530/src/ssl_sock.c
haproxy-ss-20130530-fix/src/ssl_sock.c
--- haproxy-ss-20130530/src/ssl_sock.c 2013-05-29 15:54:14.0 +0200
+++ haproxy-ss-20130530-fix/src/ssl_sock.c 2013-05-31 12:00:38.542448533
+0200
@@
Arne, Emmanuel,
I can successfully reproduce the issue with an old wget build on win32.
It seems to me the SSL_TLSEXT_ERR_ALERT_WARNING is upsetting certain clients.
Arne, could you try the following patch on top of currend HEAD.
Emmanuel, could you share your thoughts about this?
Regards,
On Fri, May 31, 2013 at 11:14 AM, Lukas Tribus luky...@hotmail.com wrote:
Arne, Emmanuel,
I can successfully reproduce the issue with an old wget build on win32.
It seems to me the SSL_TLSEXT_ERR_ALERT_WARNING is upsetting certain clients.
Arne, could you try the following patch on top of
Hi Arne,
just git pull, the fix was committed 10 minutes ago (dev18-53).
Lukas
On Fri, May 31, 2013 at 1:12 PM, Lukas Tribus luky...@hotmail.com wrote:
Hi Arne,
just git pull, the fix was committed 10 minutes ago (dev18-53).
Lukas
18-53 works :-)
Many thanks
Arne
Hi Arne!
I'd be very happy to step through individual 1.5dev18 releases after
30 untill I find the one that breaks SSL Explorer, but I have a
slight problem in that I haven't got a clue on how to check out each
individual release from git.
You can use git bisect to do this:
On Thu, May 30, 2013 at 1:28 PM, Lukas Tribus luky...@hotmail.com wrote:
Hi Arne!
I'd be very happy to step through individual 1.5dev18 releases after
30 untill I find the one that breaks SSL Explorer, but I have a
slight problem in that I haven't got a clue on how to check out each
18-38 is fine, 18-39 it is broken.
18-39 would be the commit
http://git.1wt.eu/web?p=haproxy.git;a=commit;h=7c41a1b59b005a75914121a604ede449374b8de7
I've removed the other parts of the config, but the relevant sections
are of the haproxy.cfg look like
local@haproxy-2:~$ cat
On Thu, May 30, 2013 at 2:53 PM, shouldbe q931 shouldbeq...@gmail.com wrote:
18-38 is fine, 18-39 it is broken.
18-39 would be the commit
http://git.1wt.eu/web?p=haproxy.git;a=commit;h=7c41a1b59b005a75914121a604ede449374b8de7
working version haproxy -vv
HA-Proxy version 1.5-dev18-38
Hi Arne,
can you start haproxy with the debug options enabled (-d) and catch the
output while a request fails?
Thanks,
Lukas
On Thu, May 30, 2013 at 3:11 PM, Lukas Tribus luky...@hotmail.com wrote:
Hi Arne,
can you start haproxy with the debug options enabled (-d) and catch the
output while a request fails?
Thanks,
Lukas
I ran sudo haproxy -d -f /etc/haproxy/haproxy.cfg haproxy-d.log
21 to capture the log
14 matches
Mail list logo
