Hello Everyone,
I'm building an environment using HAProxy and I'd love to use the new SSL
capability in 1.5. Seeing that's it hasn't been released to stable yet, I
wanted to find out if the features I'm using can be considered "complete" for
1.5.
I'm using HAProxy to perform the following:
-
Hi,
I'm trying to follow this blog post:
http://blog.exceliance.fr/2012/10/03/ssl-client-certificate-management-at-application-level/,
but I can't get the client certificate to work with 1.5dev18.
Specifically, I get these errors:
139701807867552:error:14094418:SSL routines:SSL3_READ_BYTES:tls
Hello,
I make a search on internet and found your web site (http://haproxy.1wt.eu/).
We are IT Company and I'm Looking some solution for my customers.
I want put on my farm server (or couple of servers) that will be front-end
server for my customers web sites.
It's mean that all connection from
Hi,
Did you run a make clean before compiling?
Baptiste
On Mon, Apr 8, 2013 at 4:21 PM, wrote:
> Hello Guys my name is Mark.According to that topic i think that haproxy was
> modified in debian, but not Ubuntu.I've asked for have the program synced so
> we'll have the latest for 11.10.For mo
Hi,
Doesn't seem doable for now.
But might not be too complicated to add.
Maybe Emeric can confirm ;)
Baptiste
On Mon, Apr 8, 2013 at 12:12 PM, Georg Leciejewski wrote:
> Is there any way to use req_ssl_sni to route to a wildcard subdomains site?
> I know i can terminate ssl to inspect the requ
Hi,
You can add conditions through ACLs and decide to reqdel/reqdeny IF or
UNLESS the acl matched.
It may worth a try.
Baptiste
On Mon, Apr 8, 2013 at 2:56 PM, Hannes Haug wrote:
> Hi all
>
> Reqdel/reqidel delete all headers matching a regex and reqdeny/reqideny deny
> an HTTP request if a lin
Hi all
Reqdel/reqidel delete all headers matching a regex and reqdeny/reqideny
deny an HTTP request if a line matches a regex. That's a blacklist approach.
Are whitelists denying a request if a line _doesn't_ match a regex and
deleting all headers _not_ matching a regex also possible?
Thanks
H
Dear Manufacturer,
How are you today?
we are buyer of several products in the region of Europe, America and Asia. We
are interested in your product and would like more detailed information about
your product and company.
Attached is our purchase order (PO) we made for you, please check it and
Can you recompile with the debug option and without compiler optimizations,
create a coredump and backtrace it:
# compile (debug + no optimizations)
make DEBUG=-DDEBUG_FULL CFLAGS="-g -O0" TARGET=[...]
# reise ulimit
ulimit -c 75000
# enable coredumping
echo 2 > /proc/sys/fs/suid_dumpable
#
On 4/8/13 6:19 AM, Will Glass-Husain wrote:
Hi,
I've set up two identical instances of haproxy, using a peer table. I
know they are identical because I cloned them from the same EC2 image.
(I edited the config file by hand, but ran a diff to be sure it's the
same).
The problem is that wh
Hi,
I've set up two identical instances of haproxy, using a peer table. I know
they are identical because I cloned them from the same EC2 image. (I
edited the config file by hand, but ran a diff to be sure it's the same).
The problem is that while one instance starts up fine, the other starts,
Is there any way to use req_ssl_sni to route to a wildcard subdomains site?
I know i can terminate ssl to inspect the request but i dont want to send
http to the public backends. And decoding for routeing and encoding of the
routed request does not feel right too.
If req_ssl_sni is able to look at
Yes, it did solve the issue, THANK YOU!! :)
---
unai
On 2013-04-08 00:39, Baptiste wrote:
Hi,
I'm glad I was able to help you.
If it solved your issue, please answer back with the ML in Cc.
so google will archive it and everybody can use this tip as well.
Baptiste.
On Mon, Apr 8, 2013 at 7:
Thanks very much.
1) Sorry, my error was "stick store-request set-cookie(myCookie)" - it should
have been "cookie" (not "set-cookie").
Now it works, sorry to have bothered you.
2) I don't need a cluster of HAProxies, just one HAProxy with stickiness. So
it's okay to work without "peers", isn't
15 matches
Mail list logo