Hi, We have an issue in haproxy > 1.8 on CentOS when using SSL in the server configuration. Haproxy sometimes logs a http status code "-1" followed by the termination_state SDxx. This happens every few requests. When using one backend, the clients don't notice it. When using multiple backends, this can result in redirecting traffic to the wrong backend (the proxy inserts a cookie to track which backend is used).
Removing the SSL configuration and using plain http solves the issue, as does downgrading to version 1.7. This is our backend configuration: backend backend_name option httpchk GET / HTTP/1.0 option forwardfor rspdel ^Strict-Transport-Security:.* mode http balance roundrobin option httpclose cookie HTTPSERVERID insert nocache indirect httponly secure server servername ip.add.rr.ess:portnumber cookie servername check inter 8000 fall 5 rise 2 maxconn 1024 ssl verify required verifyhost hostname ca-file /etc/pki/haproxy/cafile.pem The backend (Apache in this case) does not log any problems. Any insights would be welcome, Thanks, Bart
signature.asc
Description: OpenPGP digital signature