HAProxy community

Frontend TLS1.3 backend TLS1.0

Hi there,

I am having trouble to configure Haproxy encrypted connection to my home camera which uses 2 ports:

  • Port 8092: which is the login page and uses a weak encryption TLS 1.0 [ TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 128 bit keys, TLS 1.0 ] (Can’t make it work)
  • Port 8080: which is the video stream and is not encrypted. (I successfuly added TLS 1.3 encryption)

My idea was to:

  1. Frontend: encrypt trafic from Clients to servers configuring my Own ssl encryption (TLS 1.3) on haproxy with own certificates.
  2. Backend: divide the backend into two, one for the encripted port 8092 (TLS 1.0) and the other to the non encripted port 8080.

The problem is with port 8092 which by some reason can not start when I add the “ssl” keyword on the back-end as shown below and if no ssl keyword, it doesn’t work since the backend camera server as said before has TLS 1.0.

frontend tplink_in_8092
bind-process 2-3
bind *:8092 tfo ssl crt /etc/ssl/certs_self/prime256v1.pem process 2 alpn h2,http/1.1 curves X25519:P-256:secp384r1
bind abns@haproxy-clt5 accept-proxy tfo ssl crt /etc/ssl/certs_self/ec_concatenated_prime256v1.pem process 3 alpn h2,http/1.1 curves X25519:P-256:secp384r1
mode http
option forwardfor
http-request redirect scheme https code 301 if !{ ssl_fc }
http-request redirect scheme https if !{ ssl_fc }
http-request add-header X-Forwarded-Proto https
http-response set-header X-Frame-Options: DENY
http-response set-header X-Content-Type-Options: nosnif
http-response set-header Strict-Transport-Security max-age=31536000;includeSubDomains;preload
http-response set-header X-XSS-Protection: 1;mode=block
http-response set-header Referrer-Policy no-referrer-when-downgrade
# HSTS (15768000 seconds = 6 months)
http-response set-header Strict-Transport-Security max-age=15768000
default_backend tplink_dest_8092

backend tplink_dest_8092
mode http
option forwardfor
option http-server-close
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
# server ipcam 192.168.0.155:8092 force-tlsv10 check verify none (Doesn’t work but haproxy can start)
# server ipcam 192.168.0.155:8092 force-tlsv10 ssl ca-file /etc/ssl/certs/ca-certificates.crt check ssl verify none (Haproxy doesn’t start)
# server ipcam 192.168.0.155:8092 force-tlsv10 ssl ca-file /etc/ssl/certs/ca-certificates.crt check ssl verify none (Haproxy doesn’t start)

The error shown in the log when Haproxy doesn’t start is:

Aug 7 23:17:34 raspberrypi haproxy[18707]: [ALERT] 218/231734 (18707) : Proxy ‘tplink_dest_8092’, server ‘ipcam’ [/etc/haproxy/haproxy.cfg:146] : unable to set TLS 1.3 cipher suites to ‘TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384’.
Aug 7 23:17:34 raspberrypi haproxy[18707]: [ALERT] 218/231734 (18707) : Fatal errors found in configuration.

My SSL configuration under global is:

    # Default SSL material locations
    ca-base /etc/ssl/certs_self
    crt-base /etc/ssl/private

    #SSL/TLS Mode async
    #ssl-engine rdrand
    ssl-mode-async

    #Increase TLS session cache size and lifetime to avoid computing too many symetric keys
    tune.ssl.cachesize 100000
    tune.ssl.lifetime 600
    tune.ssl.maxrecord 1460
     
    #Due to Raspberry pid doesn't have AES hardware crypto we prefer chacha20

    #TLS1.2
    ssl-default-bind-ciphers  ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
ssl-default-server-ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

    #TLS1.3
    ssl-default-bind-ciphersuites   TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384
    ssl-default-server-ciphersuites TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384

    #ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets 
    ssl-default-bind-options ssl-min-ver TLSv1.0 no-tls-tickets

where I changed from “ssl-min-ver TLSv1.2” to “ssl-min-ver TLSv1.0” expecting it to work but unfortunately it doesn’t. Not even if adding “force-tlsv10” to the backend as shown above in the backend configuration. :frowning:

And here is my “haproxy -vv” for reference:

HA-Proxy version 1.8.19-1+rpi1 2019/03/14
Copyright 2000-2019 Willy Tarreau willy@haproxy.org

Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -O2 -g -O2 -fdebug-prefix-map=/haproxy-1.8.19=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -fno-strict-aliasing -Wdeclaration-after-statement -fwrapv -Wno-format-truncation -Wno-null-dereference -Wno-unused-label
OPTIONS = USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_LUA=1 USE_SYSTEMD=1 USE_PCRE2=1 USE_PCRE2_JIT=1 USE_NS=1

Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Built with OpenSSL version : OpenSSL 1.1.1b 26 Feb 2019
Running on OpenSSL version : OpenSSL 1.1.1c 28 May 2019
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3
Built with Lua version : Lua 5.3.3
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND
Encrypted password support via crypt(3): yes
Built with multi-threading support.
Built with PCRE2 version : 10.32 2018-09-10
PCRE2 library supports JIT : yes
Built with zlib version : 1.2.11
Running on zlib version : 1.2.11
Compression algorithms supported : identity(“identity”), deflate(“deflate”), raw-deflate(“deflate”), gzip(“gzip”)
Built with network namespace support.

Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.

Available filters :
[SPOE] spoe
[COMP] compression
[TRACE] trace

Please if you have some advice or note from where to adjust.

Thank you:grinning:

Comment out line 146 in the configuration and check if it works. Specify what command it is (either ssl-default-bind-ciphersuites or ssl-default-server-ciphersuites).

Thanks for your answer @lukastribus I applied your suggestions and got some progress:

ug 8 12:27:53 raspberrypi haproxy[28062]: Proxy recir_client7 started.
Aug 8 12:27:53 raspberrypi haproxy[28062]: Proxy recir_client7 started.
Aug 8 12:27:53 raspberrypi haproxy[28065]: Server tplink_dest_8092/ipcam is DOWN, reason: Layer4 connection problem, info: “SSL handshake failure”, check duration: 0ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.
Aug 8 12:27:53 raspberrypi haproxy[28064]: Server tplink_dest_8092/ipcam is DOWN, reason: Layer4 connection problem, info: “SSL handshake failure”, check duration: 0ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.
Aug 8 12:27:53 raspberrypi haproxy[28064]: Server tplink_dest_8092/ipcam is DOWN, reason: Layer4 connection problem, info: “SSL handshake failure”, check duration: 0ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.
Aug 8 12:27:53 raspberrypi haproxy[28065]: Server tplink_dest_8092/ipcam is DOWN, reason: Layer4 connection problem, info: “SSL handshake failure”, check duration: 0ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.
Aug 8 12:27:53 raspberrypi haproxy[28064]: backend tplink_dest_8092 has no server available!
Aug 8 12:27:53 raspberrypi haproxy[28065]: backend tplink_dest_8092 has no server available!
Aug 8 12:27:53 raspberrypi haproxy[28064]: backend tplink_dest_8092 has no server available!
Aug 8 12:27:53 raspberrypi haproxy[28065]: backend tplink_dest_8092 has no server available!
Aug 8 12:28:01 raspberrypi haproxy[28064]: 192.168.0.22:46672 [08/Aug/2019:12:28:01.271] tplink_in_8092~ tplink_dest_8092/ 0/-1/-1/-1/0 503 213 - - SCNN 1/1/0/0/0 0/0 “GET / HTTP/1.1”
Aug 8 12:28:01 raspberrypi haproxy[28064]: 192.168.0.22:46674 [08/Aug/2019:12:28:01.294] tplink_in_8092~ tplink_dest_8092/ 0/-1/-1/-1/0 503 213 - - SCNN 1/1/0/0/0 0/0 “GET /favicon.ico HTTP/1.1”

Searching for the error on Google for the “ssl handshake” I found some people telling it was a cipher error . They suggested specifying it in the backend. The camera certificate indicates it uses “TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 128 bit keys, TLS 1.0” so I added those changes and now I have no errors with this change and by removing the “check ssl” or “check check-ssl” but still can not connect :frowning:

Here is the configuration I changed in SSL global:

    #TLS1.2
    ssl-default-bind-ciphers  ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
ssl-default-server-ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

    #TLS1.3
    ssl-default-bind-ciphersuites   TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384
    #ssl-default-server-ciphersuites TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384

    #Comentando la opción "force-tlsv12" se habilita TLSv1.3 ya lo probamos y con esta configuración funciona
    ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets

And here the front and backend configuration that gives no haproxy start error, no log error but “503 Service Unavailable” when connecting to it (When removing the check from the backend the log errors also disappear):

frontend tplink_in_8092
bind-process 2-3
bind *:8092 tfo ssl crt /etc/ssl/certs_self/ec_concatenated_prime256v1.pem crt /etc/ssl/certs_self/ec_concatenated_secp348r1.pem crt /etc/ssl/certs_self/ec_concatenated_secp521r1.pem process 2 alpn h2,http/1.1 curves X25519:P-256:secp384r1
bind abns@haproxy-clt5 accept-proxy tfo ssl crt /etc/ssl/certs_self/ec_concatenated_prime256v1.pem crt /etc/ssl/certs_self/ec_concatenated_secp348r1.pem crt /etc/ssl/certs_self/ec_concatenated_secp521r1.pem process 3 alpn h2,http/1.1 curves X25519:P-256:secp384r1
mode http
option forwardfor
http-request redirect scheme https code 301 if !{ ssl_fc }
http-request redirect scheme https if !{ ssl_fc }
http-request add-header X-Forwarded-Proto https
http-response set-header X-Frame-Options: DENY
http-response set-header X-Content-Type-Options: nosnif
http-response set-header Strict-Transport-Security max-age=31536000;includeSubDomains;preload
http-response set-header X-XSS-Protection: 1;mode=block
http-response set-header Referrer-Policy no-referrer-when-downgrade
# HSTS (15768000 seconds = 6 months)
http-response set-header Strict-Transport-Security max-age=15768000
#http-request set-header X-Client-IP %[req.hdr_ip(X-Forwarded-For)]
default_backend tplink_dest_8092

backend tplink_dest_8092
mode http
option forwardfor
option http-server-close
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
cookie tplSSIONID prefix indirect nocache
server ipcam 192.168.0.155:8092 force-tlsv10 no-sslv3 ssl ca-file /etc/ssl/certs/ca-certificates.crt maxconn 50 verify none cookie ipcam1 ciphers DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA

Here is the log which shows no error:


Aug 8 13:18:49 raspberrypi haproxy[28710]: Proxy recir_client6 started.
Aug 8 13:18:49 raspberrypi haproxy[28710]: Proxy recir_client6 started.
Aug 8 13:18:49 raspberrypi haproxy[28710]: Proxy recir_client7 started.
Aug 8 13:18:49 raspberrypi haproxy[28710]: Proxy recir_client7 started.
Aug 8 13:19:01 raspberrypi haproxy[28713]: 192.168.0.22:47550 [08/Aug/2019:13:18:57.992] tplink_in_8092~ tplink_dest_8092/ipcam 0/0/-1/-1/3544 503 213 - - SCNN 1/1/0/0/3 0/0 “GET / HTTP/1.1”
Aug 8 13:19:01 raspberrypi haproxy[28713]: 192.168.0.22:47550 [08/Aug/2019:13:19:01.609] tplink_in_8092~ tplink_dest_8092/ipcam 0/0/-1/-1/1 503 213 - - CCNN 1/1/0/0/0 0/0 “GET /favicon.ico HTTP/1.1”

Now if I add “check check-ssl” in the backend, when restarting haproxy I can see the log:

Aug 8 13:22:07 raspberrypi haproxy[28754]: Proxy recir_client6 started.
Aug 8 13:22:07 raspberrypi haproxy[28754]: Proxy recir_client6 started.
Aug 8 13:22:07 raspberrypi haproxy[28754]: Proxy recir_client7 started.
Aug 8 13:22:07 raspberrypi haproxy[28754]: Proxy recir_client7 started.
Aug 8 13:22:07 raspberrypi haproxy[28756]: Server tplink_dest_8092/ipcam is DOWN, reason: Layer6 invalid response, info: “SSL handshake failure”, check duration: 178ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.
Aug 8 13:22:07 raspberrypi haproxy[28756]: Server tplink_dest_8092/ipcam is DOWN, reason: Layer6 invalid response, info: “SSL handshake failure”, check duration: 178ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.
Aug 8 13:22:07 raspberrypi haproxy[28756]: backend tplink_dest_8092 has no server available!
Aug 8 13:22:07 raspberrypi haproxy[28756]: backend tplink_dest_8092 has no server available!
Aug 8 13:22:07 raspberrypi haproxy[28757]: Server tplink_dest_8092/ipcam is DOWN, reason: Layer6 invalid response, info: “SSL handshake failure”, check duration: 317ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.
Aug 8 13:22:07 raspberrypi haproxy[28757]: Server tplink_dest_8092/ipcam is DOWN, reason: Layer6 invalid response, info: “SSL handshake failure”, check duration: 317ms. 0 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.
Aug 8 13:22:07 raspberrypi haproxy[28757]: backend tplink_dest_8092 has no server available!
Aug 8 13:22:07 raspberrypi haproxy[28757]: backend tplink_dest_8092 has no server available

Just in case, the camera is up and running in my LAN through https://192.168.0.155:8092

Just configuring random SSL options is only messing with your setup. Stop doing this and go back to a normal configuration.

Don’t configure ssl-default-server-ciphers, force-tlsv10, no-sslv3, ciphers or ca-file (you verify none anyway).

This is how your server line should look like:

server ipcam 192.168.0.155:8092 maxconn 50 ssl verify none cookie ipcam1

If it still doesn’t work, provide the full output of:

openssl version
openssl s_client -connect 192.168.0.155:8092

Thanks again @lukastribus I’ve just done you exact modifications but still can not :frowning:

The log when I connect:

Aug 8 16:10:31 raspberrypi haproxy[30775]: Proxy recir_client7 started.
Aug 8 16:10:31 raspberrypi haproxy[30775]: Proxy recir_client7 started.
Aug 8 16:10:52 raspberrypi haproxy[30777]: 192.168.0.22:47818 [08/Aug/2019:16:10:48.941] tplink_in_8092~ tplink_dest_8092/ipcam 0/0/-1/-1/3611 503 213 - - SCNN 1/1/0/0/3 0/0 “GET / HTTP/1.1”
Aug 8 16:10:52 raspberrypi haproxy[30777]: 192.168.0.22:47818 [08/Aug/2019:16:10:52.674] tplink_in_8092~ tplink_dest_8092/ipcam 0/0/-1/-1/0 503 213 - - CCNN 1/1/0/0/0 0/0 “GET /favicon.ico HTTP/1.1”

openssl version

OpenSSL 1.1.1c 28 May 2019

And the command “openssl s_client -connect 192.168.0.155:8092” shows:

> CONNECTED(00000003)
> 1991778320:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:…/ssl/statem/statem_lib.c:1922:
> —
> no peer certificate available
> —
> No client certificate CA names sent
> —
> SSL handshake has read 58 bytes and written 290 bytes
> Verification: OK
> —
> New, (NONE), Cipher is (NONE)
> Secure Renegotiation IS NOT supported
> Compression: NONE
> Expansion: NONE
> No ALPN negotiated
> Early data was not sent
> Verify return code: 0 (ok)
> —

And just in case, if this adds a bit more information, from the browser:

OpenSSL cannot connect. Did you build OpenSSL yourself and if yes, how exactly (what commands)?

What output do you have for:
openssl s_client -connect 192.168.0.155:8092 -tls1 -cipher 'DHE-RSA-AES128-SHA'

No haven’t build it my self, I comes from Raspbian Buster sources. So from your words it seems I have to build openssl.

From google, I found a way to see some of the options used at compilation time with “openssl version -f” which trows the following:

openssl version -f
compiler: gcc -fPIC -pthread -Wa,–noexecstack -Wall -Wa,–noexecstack -g -O2 -fdebug-prefix-map=/build/openssl-hL5TK7/openssl-1.1.1c=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2

The output for the command " openssl s_client -connect 192.168.0.155:8092 -tls1 -cipher 'DHE-RSA-AES128-SHA'" is:

> CONNECTED(00000003)
> Can’t use SSL_get_servername
> depth=0 C = CN, ST = Guangdong, L = Shenzhen, CN = localhost
> verify error:num=66:EE certificate key too weak
> verify return:1
> depth=0 C = CN, ST = Guangdong, L = Shenzhen, CN = localhost
> verify error:num=18:self signed certificate
> verify return:1
> depth=0 C = CN, ST = Guangdong, L = Shenzhen, CN = localhost
> verify return:1
> 1990995984:error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small:…/ssl/statem/statem_clnt.c:2156:
> —
> Certificate chain
> 0 s:C = CN, ST = Guangdong, L = Shenzhen, CN = localhost
> i:C = CN, ST = Guangdong, L = Shenzhen, CN = localhost
> —
> Server certificate
> -----BEGIN CERTIFICATE-----
> MIICBzCCAXCgAwIBAgIEfpaDWjANBgkqhkiG9w0BAQUFADBIMQswCQYDVQQGEwJD
> TjESMBAGA1UECBMJR3Vhbmdkb25nMREwDwYDVQQHEwhTaGVuemhlbjESMBAGA1UE
> AxMJbG9jYWxob3N0MB4XDTE5MDMzMDAyMjQzM1oXDTI5MDIwNTAyMjQzM1owSDEL
> MAkGA1UEBhMCQ04xEjAQBgNVBAgTCUd1YW5nZG9uZzERMA8GA1UEBxMIU2hlbnpo
> ZW4xEjAQBgNVBAMTCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
> gYEAoGV5m+xp3igCh6Aupxfdn/HG02SzSHy7gT0yhjt7QUzl3S6dhGUuwMf2VtcG
> egv2858LFEx58deXMPBRJD+r2CmzKDlC9LUzE7bWxBf+N972e48SuDDTjxI55G+W
> NlS7km1AJQnG9C8rdnRXXh2DSmInVVNF17OEk/elJugNnesCAwEAATANBgkqhkiG
> 9w0BAQUFAAOBgQALTmb1e5jfLCtQjy+Yag3zVyFt5Z4BjOkJhoc+OFfXhPOpk7fR
> bQ17XE5wZqBl5lXwZGmdCZo1ugyb2aePwl67+5UtBt+4CORNWI8oaQw6qr64TOu8
> w08GB7xb7xbbo7TdHHksNFgzEYmTGmtK9u8iFBa06sSWiFLLMa+4oEHoIQ==
> -----END CERTIFICATE-----
> subject=C = CN, ST = Guangdong, L = Shenzhen, CN = localhost
**> **
> issuer=C = CN, ST = Guangdong, L = Shenzhen, CN = localhost
**> **
> —
> No client certificate CA names sent
> —
> SSL handshake has read 1125 bytes and written 73 bytes
> Verification error: self signed certificate
> —
> New, (NONE), Cipher is (NONE)
> Server public key is 1024 bit
> Secure Renegotiation IS supported
> Compression: NONE
> Expansion: NONE
> No ALPN negotiated
> SSL-Session:
> Protocol : TLSv1
> Cipher : 0000
**> Session-ID: **
**> Session-ID-ctx: **
**> Master-Key: **
> PSK identity: None
> PSK identity hint: None
> SRP username: None
> Start Time: 1565293904
> Timeout : 7200 (sec)
> Verify return code: 18 (self signed certificate)
> Extended master secret: no
> —

Interesting, with those configurations openssl can now connect.

Please try which of those configurations work (maybe all of them work):

server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none ciphers DHE-RSA-AES128-SHA
server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none ssl-min-ver TLSv1.0 ciphers DHE-RSA-AES128-SHA
server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none ssl-min-ver TLSv1.0 ssl-max-ver TLSv1.2 ciphers DHE-RSA-AES128-SHA
server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none ssl-min-ver TLSv1.0 ssl-max-ver TLSv1.0 ciphers DHE-RSA-AES128-SHA
server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none force-tlsv10 ciphers DHE-RSA-AES128-SHA

Background: what you see in Firefox (TLS_DHE_RSA_WITH_AES_128_CBC_SHA) cannot be configured with OpenSSL/Haproxy, because it’s the IANA name. The OpenSSL equivalent is DHE-RSA-AES128-SHA.

edit: if none of the above works (likely because of a too small DHE group), try AES128-SHA instead:

server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none ciphers AES128-SHA
server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none ssl-min-ver TLSv1.0 ciphers AES128-SHA
server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none ssl-min-ver TLSv1.0 ssl-max-ver TLSv1.2 ciphers AES128-SHA
server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none ssl-min-ver TLSv1.0 ssl-max-ver TLSv1.0 ciphers AES128-SHA
server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none force-tlsv10 ciphers AES128-SHA

That’s the equivalent cipher without DHE (TLS_RSA_WITH_AES_128_CBC_SHA).

No, I just wanted to check if openssl has been build with non-default options.

I can’t believe this is working!! I’ve been trying to make it work since a long long time ago!
Thank you a lot @lukastribus you are a genius!!:smiley::grinning::tada::confetti_ball:

For others to know, It just worked with the first one I tried from the second list from @lukastribus lukastribus:

server ipcam 192.168.0.155:8092 maxconn 50 cookie ipcam1 ssl verify none ciphers AES128-SHA

For the record: the issue here likely is that a DHE cipher is negotiated, with a insecure DH group:

1990995984:error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small:…/ssl/statem/statem_clnt.c:2156:

Negotiating a non-DHE cipher like AES128-SHA instead (TLS_RSA_WITH_AES_128_CBC_SHA) fixes the issue, as no DH groups are involved.