mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-21 03:00:35 +00:00
61b6a4da6c
WolfSSL does not seem to work correctly with the generate-certificates features. This patch disables it temporarly. ssl-max-ver TLSv1.2 seems to be a problem in the reg-test and wolfSSL but without it it's not able to generate correctly the cert: *** h1 debug|00000004:clear-lst.accept(0007)=0028 from [127.0.0.1:35956] ALPN=<none> *** h1 debug|00000004:clear-lst.clireq[0028:ffffffff]: GET / HTTP/1.1 *** h1 debug|00000004:clear-lst.clihdr[0028:ffffffff]: x-sni: unknown-sni.com *** h1 debug|00000004:clear-lst.clihdr[0028:ffffffff]: host: 127.0.0.1 *** h1 debug|fd[0x29] OpenSSL error[0x13d] : need the private key *** h1 debug|<134>Sep 20 15:42:58 haproxy[165743]: unix:1 [20/Sep/2023:15:42:58.042] ssl-lst/1: SSL handshake failure (need the private key) **** dT 1.072 *** h1 debug|fd[0x2a] OpenSSL error[0x13d] : need the private key *** h1 debug|<134>Sep 20 15:42:59 haproxy[165743]: unix:1 [20/Sep/2023:15:42:59.044] ssl-lst/1: SSL handshake failure (need the private key) **** dT 2.075 *** h1 debug|fd[0x29] OpenSSL error[0x13d] : need the private key *** h1 debug|<134>Sep 20 15:43:00 haproxy[165743]: unix:1 [20/Sep/2023:15:43:00.046] ssl-lst/1: SSL handshake failure (need the private key) **** dT 3.079 *** h1 debug|fd[0x29] OpenSSL error[0x13d] : need the private key *** h1 debug|<134>Sep 20 15:43:01 haproxy[165743]: unix:1 [20/Sep/2023:15:43:01.050] ssl-lst/1: SSL handshake failure (need the private key) **** dT 3.080 *** h1 debug|00000004:default_backend.clicls[0028:0023] *** h1 debug|00000004:default_backend.closed[0028:0023] *** h1 debug|<134>Sep 20 15:43:01 haproxy[165743]: 127.0.0.1:35956 [20/Sep/2023:15:42:58.042] clear-lst default_backend/s1 0/0/-1/-1/+3009 503 +217 - - SC-- 3/1/0/0/3 0/0 "GET / HTTP/1.1" 0/-/-/-/0 -/-/- **** c3 rxhdr|HTTP/1.1 503 Service Unavailable\r **** c3 rxhdr|content-length: 107\r **** c3 rxhdr|cache-control: no-cache\r **** c3 rxhdr|content-type: text/html\r **** c3 rxhdr|\r |
||
---|---|---|
.. | ||
generate_certificates | ||
ocsp_update | ||
add_ssl_crt-list.vtc | ||
bug-2265.crt | ||
ca-auth.crt | ||
cert1-example.com.pem.ecdsa | ||
cert1-example.com.pem.rsa | ||
cert2-example.com.pem.ecdsa | ||
cert2-example.com.pem.rsa | ||
client1.pem | ||
client2_expired.pem | ||
client3_revoked.pem | ||
client.ecdsa.pem | ||
common.4096.dh | ||
common.crt | ||
common.key | ||
common.pem | ||
crl-auth.pem | ||
del_ssl_crt-list.vtc | ||
dynamic_server_ssl.vtc | ||
ecdsa.crt | ||
ecdsa.key | ||
ecdsa.pem | ||
filters.crt-list | ||
interCA1_crl_empty.pem | ||
interCA1_crl.pem | ||
interCA2_crl_empty.pem | ||
interCA2_crl.pem | ||
localhost.crt-list | ||
log_forward_ssl.vtc | ||
new_del_ssl_cafile.vtc | ||
new_del_ssl_crlfile.vtc | ||
ocsp_auto_update.vtc | ||
README | ||
rootCA_crl.pem | ||
set_cafile_client.pem | ||
set_cafile_interCA1.crt | ||
set_cafile_interCA2.crt | ||
set_cafile_rootCA.crt | ||
set_cafile_server.pem | ||
set_default_cert.crt-list | ||
set_default_cert.pem | ||
set_ssl_bug_2265.vtc | ||
set_ssl_cafile.vtc | ||
set_ssl_cert_bundle.vtc | ||
set_ssl_cert_noext.vtc | ||
set_ssl_cert.vtc | ||
set_ssl_crlfile.vtc | ||
set_ssl_server_cert.vtc | ||
show_ocsp_server.pem | ||
show_ocsp_server.pem.issuer | ||
show_ocsp_server.pem.ocsp | ||
show_ocsp_server.pem.ocsp.revoked | ||
show_ssl_ocspresponse.vtc | ||
simple.crt-list | ||
ssl_alpn.vtc | ||
ssl_client_auth.vtc | ||
ssl_client_samples.vtc | ||
ssl_crt-list_filters.vtc | ||
ssl_curve_name.vtc | ||
ssl_curves.vtc | ||
ssl_default_server.vtc | ||
ssl_dh.vtc | ||
ssl_errors.vtc | ||
ssl_frontend_samples.vtc | ||
ssl_generate_certificate.vtc | ||
ssl_reuse.vtc | ||
ssl_server_samples.vtc | ||
ssl_simple_crt-list.vtc | ||
wrong_ctx_storage.vtc |
File list: - common.pem: PEM file which may be used by most of the VTC files.