Hi list
I'm using haproxy to redirect traffic directly to backend server. We are
looking how to load balance sql servers directly, and this works, but I
don't know how to add ssl support.
I'm using this config setup and works fine
listen mysql-cluster
bind 0.0.0.0:3307 ssl crt /etc/ssl/certs/cert.pem
mode tcp
option mysql-check user admin
server mysql1 192.168.1.110:3307
The only point where is failing is justly ssl support. Can someone help me
with code to see where is the problem?
Line around ssl only works If remove ssl cert:
bind 0.0.0.0:3307 # ssl crt /etc/ssl/certs/cert.pem
Haproxy only needs to connects to a beckend server with mysql using port
3307 and our objective is to enable ssl support
in global section we have
ssl-default-bind-ciphers
ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3
I can't see where can be the problem, any idea?
Thanks
--
