On 3/11/19 11:51 AM, Emeric Brun wrote:
Mode async is enabled on both sides, server and frontend side.
But on server side, haproxy is using session resuming, so there is a new key
computation (full handshake with RSA/DSA computation) only every 5 minutes
(openssl default value).
You can force to recompute each time setting "no-ssl-reuse" on server line, but
it will add a heavy load for ssl computation on the server.
Indeed, setting no-ssl-reuse makes use of QAT for healthchecks.
Looks like finally we are ready for QAT testing.
Thank you Emeric.
Regards,
Marcin Deranek