Hi Baptiste, On Sat, Jan 05, 2013 at 03:35:03PM +0100, Baptiste wrote: > I'm a the 'bedis' of the IRC channel :) > > > Does the problem disappear when you remove the no-tlsv11/12 options above ? > > By using these options, you force the browser to use TLSv1.0 or SSLv3 only. > > Maybe you are not doing the exact same thing in your nginx setup. > > I asked Steve to try this because I found on chrome forums that chrome > may have issues with TLSv1.1 and v1.2. > but it did not improve anything.
OK thank for clarifying. Steve sent me a network capture showing TLSv1 Encrypted Alerts sometimes coming from haproxy, sometimes coming from chrome. That's rather strange, as encrypted alerts mean that some garbage was received by one end or the other. We're still investigating... Willy
