Hello gentleman, I was advised to send this your way (
http://discourse.haproxy.org/t/haproxy-core-dumps-on-solaris-sparc/1197/2)
This is probably an issue with the way I'm compiling it (which is here:
https://pastebin.com/htEZTwBM) but I'm getting an immediate core dump when
running haproxy
Hi. When we use applet, haproxy negociate the conection. (Http version /
keepalive). So if the keepalive is enabled and it is accepted by the
client, haproxy use keepalive and remove the header close.
If you don't want keepalive, remove it from the haproxy configuration.
Thierry
Le 27 avril
Currently we unconditionally set SSL_OP_CIPHER_SERVER_PREFERENCE [1],
which may not always be a good thing.
The benefit of server side cipher prioritization may not apply to all
cases out there, and it appears that the various SSL libs are going away
from this recommendation ([2], [3]), as
> Le 28 avr. 2017 à 16:51, Emeric Brun a écrit :
>
> Hi Manu,
>
>>>
>>
>> yes, i delayed this change (lack of time).
>> last patch with 'ssl-min-ver' and 'ssl-max-ver' with argument SSLv3,
>> TLSv1.0, TLSv1.1, TLSv1.2 or TLSv1.3
>>
>> Manu
>>
>>
>
> Could you please
Hi Emeric, Willy
Up the thread with a compatible configuration view.
1) force-xx force-tlsv12 no-tlsv12
old: do a force-tlsv12 (no-xx ignored without warning)
new: warning "all SSL/TLS versions are disabled »
It’s not a good configuration, but… It can be changed with:
. no-xx ignored when
Hi Manu,
>>
>
> yes, i delayed this change (lack of time).
> last patch with 'ssl-min-ver' and 'ssl-max-ver' with argument SSLv3,
> TLSv1.0, TLSv1.1, TLSv1.2 or TLSv1.3
>
> Manu
>
>
Could you please rebase your patch set on the master and split them by
features. The latest feature seems
---
A few doc and code comment updates bumping RFC references to the new
ones.
---
doc/configuration.txt | 12 ++--
include/common/defaults.h | 2 +-
include/proto/proto_http.h | 2 +-
include/types/proto_http.h | 4 ++--
src/haproxy.c | 4 ++--
src/proto_http.c
Hello everyone,
we are currently evaluating HAProxy 1.7.5 as a load balancer for one of
our applications. To try out how it is performance wise on Solaris 11 we
set up a small test environment of three zones containing:
1x HAProxy zone using this config (https://pastebin.com/pRkS1awt)
2x
Hi Grant,
>>>
>>
>> I've made a POC of a soft async engine. Based on dasync engine it launchs a
>> thread on priv_rsa_enc to spread the load on multiple cores.
>>
>> Regarding openssl s_server it is efficient and scale very well depending the
>> number of core (1700 rsa2048/s on one core, 7400
Hello!
I am managing a few haproxy instances that each manage a good number of domains
and do the TLS termination on behalf of what you might call “hosted” sites.
Most of the clients connecting to these haproxys implement certificate pinning
and verify that the certificate presented by the
10 matches
Mail list logo