Hi Volker,
> Sometimes, the Serverhello/Clienthello contains an empty session ID.
> Is it possible that HAProxy has problems with this behaviour?
If there is no session id, HAproxy can't fix the session to a server.
> Any idea?
There is a good chance that your backend supports both SSL session
resumption *and* TLS tickets. In case TLS tickets hops in, SSL session
will not be used and HAProxy therefor can't stick to the correct
server.
Disabling TLS Tickets on your backend could fix that particular issue.
Regards,
Lukas
