HAProxy 3.1 with OpenSSL 3.0 vs AWS-LC v1.42

2025-01-08 Thread Lucas Rolff
Hello, Sorry for my lengthy post, but I wanted to give as much info upfront as possible, since it takes a bunch of guesswork out of it! I've recently started testing a combo of HAProxy 3.1 and Varnish 7.6 for some content delivery / offloading, and I'm a bit curious if people have any data/sug

Re: RSA & ECC certificates bundling on the same ip with aws-lc

2025-01-08 Thread Andrii Ustymenko
Hello William, Thanks for the prompt reply. So, as 3.1 is not an LTS version, that would mean we would need to wait for the release of 3.2, which is hopefully soon. Thanks again! On 08/01/2025 16:31, William Lallemand wrote: Hello Andrii, On Wed, Jan 08, 2025 at 04:23:56PM +0100, Andrii Ustymenko w

[ANNOUNCE] haproxy-3.1.2

2025-01-08 Thread Christopher Faulet
Hi, HAProxy 3.1.2 was released on 2025/01/08. It added 56 new commits after version 3.1.1. As usual, several bugs were fixed by this release. On QUIC side, the BBR implementation was improved by fixing some minor issues. It is not surprising. BBR was added at the end of the 3.1 development cyc

RSA & ECC certificates bundling on the same ip with aws-lc

2025-01-08 Thread Andrii Ustymenko
Dear list, As of now haproxy supports hosting different types of certificates on the same ip with certificates bundling: https://docs.haproxy.org/3.0/configuration.html#ssl-load-extra-files That works fine with the OpenSSL library, but doesn't seem to work with the aws-lc ssl library. When haproxy

Re: RSA & ECC certificates bundling on the same ip with aws-lc

2025-01-08 Thread William Lallemand
Hello Andrii, On Wed, Jan 08, 2025 at 04:23:56PM +0100, Andrii Ustymenko wrote: > Dear list, > > As of now haproxy supports hosting different types of certificates on the > same ip with certificates bundling: > https://docs.haproxy.org/3.0/configuration.html#ssl-load-extra-files > > That works f

Re: HAProxy 3.1 with OpenSSL 3.0 vs AWS-LC v1.42

2025-01-08 Thread Илья Шипицин
Please note that ppa is built using USE_QUIC_OPENSSL_COMPAT=1 which is not fully QUIC, but a simulated QUIC on top of OpenSSL. it misses QUIC features like 0-RTT: SSL Libraries Support Status · haproxy/wiki Wiki OpenSSL-3.0 is kno