Le mer. 25 sept. 2024 à 17:37, Lukas Tribus <lu...@ltri.eu> a écrit :
> > With TLS 1.2 you can see that RSA+SHA1 is available. I was unable to > find a way to disable it in HAProxy config. Can you point me to the right > direction ? > > sigalgs are documented and its configuration statements are: > > client-sigalgs <sigalgs> > sigalgs <sigalgs> > ssl-default-bind-client-sigalgs <sigalgs> > ssl-default-bind-sigalgs <sigalgs> > > If you already tried those, please explain what exactly you tried and > how (sigalps haproxy configuration, versions as per haproxy -vv, etc). > > You are right ! These directives were introduced in HAProxy 2.8 and I'm using 2.4 right now (planning on 2.6 update in a few weeks). Can it be done on those versions, or should I update to 2.8 first ? Olivier
