Hi William.
On 2025-04-17 (Do.) 10:00, William Lallemand wrote:
On Thu, Apr 17, 2025 at 09:23:17AM +0200, Aleksandar Lazic wrote:
When I take a look into that commit looks to me that some fetches are
similar from JA3 commit
https://git.haproxy.org/?p=haproxy.git;a=commitdiff;h=959a48c1167a4893796ed568d3864536e7e044f2
Just for my couriosity what's the difference between the
`smp_fetch_ssl_cipherlist` and `ssl_fc_cipherlist_*`.
Hello Aleks,
This is used when the SSL traffic pass through haproxy in "mode tcp" without
being deciphered.
The ssl_fc_* fetches are using the OpenSSL stack to get information when
HAProxy is the SSL endpoint, where the
req.ssl_* are parsing the ClientHello directly when the SSL pass through.
Thank you for the detailed explanation.
Regards
Aleks
