18-38 is fine, 18-39 it is broken. 18-39 would be the commit
http://git.1wt.eu/web?p=haproxy.git;a=commit;h=7c41a1b59b005a75914121a604ede449374b8de7 I've removed the other parts of the config, but the relevant sections are of the haproxy.cfg look like local@haproxy-2:~$ cat /etc/haproxy/haproxy.cfg global log 127.0.0.1 local0 log 127.0.0.1 local1 notice #log loghost local0 info maxconn 4096 stats socket /var/run/haproxy.stat mode 600 level admin chroot /usr/share/haproxy daemon #debug #quiet defaults mode http contimeout 5000 clitimeout 360000 srvtimeout 360000 frontend sslexplorerHTTP mode http bind 10.201.253.207:80 option tcpka default_backend BsslexplorerHTTP frontend sslexplorerHTTPS mode http bind 10.201.253.207:443 ssl crt /etc/haproxy/ssl.primarydomain.com.crt ciphers RC4:HIGH:!aNULL:!MD5; option tcpka default_backend BsslexplorerHTTPS backend BsslexplorerHTTP mode http option ssl-hello-chk option tcpka option persist option redispatch stick-table type ip size 1024k expire 30m stick on src server sslexplorer 10.201.253.56 weight 200 check port 443 inter 5000ms rise 3 fall 2 backend BsslexplorerHTTPS mode http option ssl-hello-chk option tcpka option persist option redispatch stick-table type ip size 1024k expire 30m stick on src server sslexplorer 10.201.253.56 ssl weight 200 check port 443 inter 5000ms rise 3 fall 2 listen stats :7000 stats enable stats uri / option httpclose stats auth haproxy:haproxy stats admin if TRUE I don't get much in the way of an error in the SSL Explorer agent beyond a popup saying "The SSL-Explorer Agent failed connect" and the web page displays "failed to sync" Cheers Arne