ср, 15 апр. 2020 г. в 16:41, <bindushree...@cognizant.com>: > Hi Team, > > > > We are in the process of using newer HAproxy version. > > Below is the scenario explained where we are stuck. > > > > · In RHEL 8.1 version, installed the latest version of the > application. > > haproxy-1.8.15-6.el8_1.1.x86_64 > > # yum info haproxy > > Red Hat Update Infrastructure 3 Client Configuration Server > 8 > 12 kB/s | 2.1 kB 00:00 > > Red Hat Enterprise Linux 8 for x86_64 - AppStream from RHUI > (RPMs) > 24 kB/s | 2.8 kB 00:00 > > Red Hat Enterprise Linux 8 for x86_64 - BaseOS from RHUI > (RPMs) > 21 kB/s | 2.4 kB 00:00 > > Installed Packages > > Name : haproxy > > Version : 1.8.15 > > Release : 6.el8_1.1 > > Architecture : x86_64 > > Size : 4.4 M > > Source : haproxy-1.8.15-6.el8_1.1.src.rpm > > Repository : @System > > From repo : rhel-8-appstream-rhui-rpms > > Summary : HAProxy reverse proxy for high availability environments > > URL : http://www.haproxy.org/ > > License : GPLv2+ > > Description : HAProxy is a TCP/HTTP reverse proxy which is particularly > suited for high > > : availability environments. Indeed, it can: > > : - route HTTP requests depending on statically assigned > cookies > > : - spread load among several servers while assuring server > persistence > > : through the use of HTTP cookies > > : - switch to backup servers in the event a main one fails > > : - accept connections to special ports dedicated to service > monitoring > > : - stop accepting connections without breaking existing ones > > : - add, modify, and delete HTTP headers in both directions > > : - block requests matching particular patterns > > : - report detailed status to authenticated users from a URI > > : intercepted from the application > > > > · So after this configuration file is updated with our > configurations. We need to use multiple certificates (SNI) hence used bind > option to verify the certificates under the folder. But receiving below > error please help us on priority. > > Attached configuration file for reference. > > Below is the error we are receiving. > > > > # haproxy -f /etc/haproxy/haproxy.cfg -c > > [ALERT] 105/113215 (5684) : parsing [/etc/haproxy/haproxy.cfg:33] : 'bind > *:443' unknown keyword 'ssl'. Registered keywords : > > [STAT] level <arg> > > [STAT] expose-fd <arg> > > [STAT] severity-output <arg> > > [ TCP] defer-accept > > [ TCP] interface <arg> > > [ TCP] mss <arg> > > [ TCP] tcp-ut <arg> > > [ TCP] tfo > > [ TCP] transparent > > [ TCP] v4v6 > > [ TCP] v6only > > [ TCP] namespace <arg> > > [ ALL] accept-netscaler-cip <arg> > > [ ALL] accept-proxy > > [ ALL] backlog <arg> > > [ ALL] id <arg> > > [ ALL] maxconn <arg> > > [ ALL] name <arg> > > [ ALL] nice <arg> > > [ ALL] process <arg> > > [ ALL] proto <arg> > > [UNIX] gid <arg> > > [UNIX] group <arg> > > [UNIX] mode <arg> > > [UNIX] uid <arg> > > [UNIX] user <arg> > > [ALERT] 105/113215 (5684) : parsing [/etc/haproxy/haproxy.cfg:36] : error > detected while parsing an 'http-request set-header' condition : unknown > fetch method 'ssl_fc' in ACL expression 'ssl_fc'. > > [ALERT] 105/113215 (5684) : Error(s) found in configuration file : > /etc/haproxy/haproxy.cfg > > Please check the error and configuration and let me know what needs to > done to fix the issue. > > > > > > > > Thanks, > > Bindushree D B > > > This e-mail and any files transmitted with it are for the sole use of the > intended recipient(s) and may contain confidential and privileged > information. If you are not the intended recipient(s), please reply to the > sender and destroy all copies of the original message. Any unauthorized > review, use, disclosure, dissemination, forwarding, printing or copying of >
hello. should we destroy this message ? > this email, and/or any action taken in reliance on the contents of this > e-mail is strictly prohibited and may be unlawful. Where permitted by > applicable law, this e-mail and other e-mail communications sent to and > from Cognizant e-mail addresses may be monitored. This e-mail and any files > transmitted with it are for the sole use of the intended recipient(s) and > may contain confidential and privileged information. If you are not the > intended recipient(s), please reply to the sender and destroy all copies of > the original message. Any unauthorized review, use, disclosure, > dissemination, forwarding, printing or copying of this email, and/or any > action taken in reliance on the contents of this e-mail is strictly > prohibited and may be unlawful. Where permitted by applicable law, this > e-mail and other e-mail communications sent to and from Cognizant e-mail > addresses may be monitored. >
