@PaulR wrote:
Hi I have installed openssl 1.1.1 and then installed haproxy2.0.4. All looks good from haproxy side
with haproxy -vv showing
oot@aasfproxy1wlg:/etc/haproxy# haproxy -vv
HA-Proxy version 2.0.4 2019/08/06 - https://haproxy.org/
Built with multi-threading support (MAX_THREADS=64, default=8).
Built with OpenSSL version : OpenSSL 1.1.1 11 Sep 2018
Running on OpenSSL version : OpenSSL 1.1.1 11 Sep 2018
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3
Hapoxy.cfg ssl options are
ssl-default-bind-ciphers TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:EECDH+AESGCM:EECDH+CHACHA20
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11SSL is being offloaded at haproxy but the website still reports tls1.2
Any help would be appreciated. Thanks.
Posts: 2
Participants: 2