The idea came to me that my haproxy server could possibly not ipv6 capable and Ichange the config to thais here:
frontend http-in
# bind *:80
bind :::80 v4v6
# bind *:443 ssl crt /etc/haproxy/certs/www.mydomain.org.pem
bind :::443 v4v6 ssl crt /etc/haproxy/certs/www.mydomain.org.pem
bind quic4@0.0.0.0:443 name quic443 ssl crt
/etc/haproxy/certs/www.mydomain.org.pem proto quic alpn h3,h3-29,h3-28,h3-27
npn h3,h3-29,h3-28,h3-27 allow-0rtt curves secp521r1:secp384r1
Would that be sufficient and correct? Or would the bind quic4@0.0.0.0:443 line
require a change too?
--
Christoph
smime.p7s
Description: S/MIME cryptographic signature
