Hi,
ok, thanks for the advice.
I have about 30 IPs on this partial server, so it seems that I am going
to need multiple front ends, each with its own bind statement.
As an fyi; I'm introducing haproxy in fromt of Apache on the same server.
- Travis
On 4/07/2015 3:46 pm, Lukas Tribus wrote:
>>
> Thanks Lukas,
>
> So its either SSLv3 is enable for all, or its disable for all?
No, you can disable it per bind line, only that you need to
do it the other way around, specifying no-sslv3 on all other
bind lines, not the one where you need sslv3 (and not in the
defaults).
Lukas
Thanks Lukas,
So its either SSLv3 is enable for all, or its disable for all?
Is there a way to have SSLv3 enabled for one backend only?
- Travis
On 4/07/2015 1:01 am, Lukas Tribus wrote:
> Hi,
>
>
>> Hi there,
>>
>> I'm running haproxy 1.5.12 and I have set 'ssl-default-bind-options
>> no-ss
Hi,
> Hi there,
>
> I'm running haproxy 1.5.12 and I have set 'ssl-default-bind-options
> no-sslv3 no-tlsv10' (without the quotes of course) under the global
> section as I want all my front-ends not to support SSLv3 or TLS1.0.
>
> However I do have a client that still requires SSLv3 suppor
4 matches
Mail list logo