Hello everyone!
I've moved off AWS ELB today to HAProxy 1.5dev18. I'm doing SSL
termination at the LB and I'm encountering a rather large number of
messages such as:
- SSL Handshake failure
- Timeout during SSL handshake
- Connection closed during SSL handshake
The problem is similar to the one I've found in the archives about 2
weeks ago (http://marc.info/?l=haproxy&m=137158875803495&w=2), but
unfortunately I'm unable to debug this. I'm trying to clarify if these
are errors that are normal and I just didn't see on ELB, or if there's
anything to do to better configure HAProxy. As far as I can see in the
logs, some hosts are able to connect successfully sometimes, and with
errors other times. Hosts that have errors tend to have more errors than
successful requests. Also, almost of the devices accessing this service
are Android and iOS devices.
I'm using a free StartSSL certificate.
I've posted the relevant haproxy.cfg lines below. Any ideas are extremly
welcome!
defaults
option accept-invalid-http-request
option httplog
log global
mode http
option http-server-close
option redispatch
timeout connect 60000ms
timeout client 60000ms
timeout server 60000ms
frontend www_secure
mode http
bind 0.0.0.0:443 ssl crt CERTNAME1.pem crt CERTNAME2.pem
(acl's directing traffic to 2 backends)
--
Andrei Marinescu