Hi, This patch depend of " [Patches] TLS methods configuration reworked ยป.
Actually it will only work with BoringSSL because haproxy use a special ssl_sock_switchctx_cbk with a BoringSSL callback to select certificat before any handshake negotiation. This feature (and others depend of this ssl_sock_switchctx_cbk) could work with openssl 1.1.1 and the new callback https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_early_cb.html. ++ Manu
0001-MINOR-ssl-support-ssl-min-ver-and-ssl-max-ver-with-c.patch
Description: Binary data
