Re: haproxy-1.5-dev23 and ssl handshake failure

2014-04-27 Thread Markus Rietzler
Markus, please follow Willy's advise and remove all force-* configurations from your bind line, you should use no-sslv3/no-tlsv1[0-2] keywords to configure specific TLS version, but in this case, as long as you troubleshooting this, I strongly suggest to not configure any specific TLS

Re: haproxy-1.5-dev23 and ssl handshake failure

2014-04-24 Thread Markus Rietzler
Am 23.04.14 22:59, schrieb Willy Tarreau: Hi again Markus, I've checked my own logs and found SSL handshake failures starting on April 8th, or the day after Heartbleed was disclosed, as can be seen below with the number of errors per day : # err date 2 Mar 27 2 Mar 28

Re: haproxy-1.5-dev23 and ssl handshake failure

2014-04-24 Thread Markus Rietzler
Am 24.04.14 03:19, schrieb Stefan: We also have a lot of SSL handshake failure records in log file Here some details on configs: - haproxy -vv: HA-Proxy version 1.5-dev23-8317b28 2014/04/23 Copyright 2000-2014 Willy Tarreau w...@1wt.eu Build options : TARGET = linux2628 CPU

Re: haproxy-1.5-dev23 and ssl handshake failure

2014-04-24 Thread Apollon Oikonomopoulos
Hi all, On 22:59 Wed 23 Apr , Willy Tarreau wrote: Hi again Markus, I've checked my own logs and found SSL handshake failures starting on April 8th, or the day after Heartbleed was disclosed, as can be seen below with the number of errors per day : # err date 2 Mar 27

RE: haproxy-1.5-dev23 and ssl handshake failure

2014-04-24 Thread Lukas Tribus
Hi, I've checked my own logs and found SSL handshake failures starting on April 8th, or the day after Heartbleed was disclosed, as can be seen below with the number of errors per day : Yes, please everyone specify whether there are actually users reporting this behavior, or if this is a log

Re: haproxy-1.5-dev23 and ssl handshake failure

2014-04-24 Thread Stefan
Hello, Here the configuration: global daemon pidfile /var/run/haproxy-3.pid maxconn 25 tune.bufsize8024 log 127.0.0.1 local0 defaults log global mode http option httplog #option dontlognull option dontlog-normal no option httpclose

Re: haproxy-1.5-dev23 and ssl handshake failure

2014-04-23 Thread Willy Tarreau
Hi Markus, On Wed, Apr 23, 2014 at 08:00:21PM +0200, Markus Rietzler wrote: today i have switch to dev23. everything is working very well in our environment. haproxy works perfect in http mode. load balancing our two backend servers with master/slave and backup setup. i also use haproxy

Re: haproxy-1.5-dev23 and ssl handshake failure

2014-04-23 Thread Willy Tarreau
Hi again Markus, I've checked my own logs and found SSL handshake failures starting on April 8th, or the day after Heartbleed was disclosed, as can be seen below with the number of errors per day : # err date 2 Mar 27 2 Mar 28 1 Mar 29 2 Mar 30 3 Mar 31 3

Re: haproxy-1.5-dev23 and ssl handshake failure

2014-04-23 Thread Stefan
Hello, We also have the same issue. A lot of SSL handshake failure records in log file.

Re: haproxy-1.5-dev23 and ssl handshake failure

2014-04-23 Thread Stefan
We also have a lot of SSL handshake failure records in log file Here some details on configs: - haproxy -vv: HA-Proxy version 1.5-dev23-8317b28 2014/04/23 Copyright 2000-2014 Willy Tarreau w...@1wt.eu Build options : TARGET = linux2628 CPU = native CC = gcc CFLAGS = -m64