Ubuntu 20.04 (Focal Fossa) has disabled all TLS versions < TLSv1.2 by default in openssl. In case you still need TLS 1.0 (for e.x. because of legacy clients), you can enable it with the following (HAProxy 2.0.14): bind *:443 ssl crt /etc/haproxy/certs/ ssl-min-ver TLSv1.0 ciphers ALL:@SECLEVEL=1
Networking
HAProxy High Availability using RHI, Quagga and OSPF
Usually, you can use VRRP + keepalived for making HAProxy redundant and providing a good service availability. In day-to-day operations, there are many cases where you have to take down a whole HAProxy host. For example, server reboots (because of kernel/os updates), hardware maintenance, new version of os distribution or installing/upgrading new HAProxy versions. For […]