Hello everyone. I want to configure HAProxy to allow connections only from users with a valid certificate, so the connection between the client application and HAProxy is restricted and then the connection between HAProxy and my backend servers is only SSL without certificate authentication.
So far my configuration works with Firefox, Internet Explorer, Microsoft Edge, Chrome, Thunderbird (IMAP) and Smarthphones mail apps (IMAP).
The problem comes when I try to use Outlook 2016 client (I also tested it with Outlook 2010 and Outlook 2013 and I get the same problem) it just crashes.
This is what I did to create the certificates --> https://paste.ee/p/d4kYu
And this is my HAProxy configuration file --> https://paste.ee/p/Xw5Lp
Did someone manage to get this working?
UPDATE 1 !!!
I found that when using any Microsoft product (Edge, Internet Explorer, Outlook) I get a “Connection closed during SSL handshake” error in my HAProxy logs and then I am asked to confirm the client certificate.
So my guess is that it fails when using Outlook because I have no way to confirm the certificate, therefore no data is sent to finish the SSL handshake
UPDATE 2 !!!
I changed my “defaults” configuration and now I do not get the “Connection closed during SSL handshake” error, but Outlook still crashes