Haproxy ssl issue


I have centos 7 with haproxy installed (HA-Proxy version 1.5.18 2016/05/10).
I have a Windows server with IIS contains a web site.

Eevery thing work perfectly without ssl if i try to add secure connexion with sectigo SSL the web site will not work.
bellow my configuration file haproxy.cfg:

log /dev/log local0 debug
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy

# turn on stats unix socket
stats socket /var/lib/haproxy/stats


common defaults that all the ‘listen’ and ‘backend’ sections will

use if not designated in their block

mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000

frontend web-servers
#bind ssl crt /etc/ssl/certs/myssl.pem
#redirect scheme https code 301 if !{ ssl_fc }
#mode http
default_backend web-servers

backend web-servers
mode http
cookie JSESSIONID prefix
option httpclose
option forwardfor
reqadd X-Forwarded-Proto:\ http
server app cookie app

listen stats
mode http
log global
stats enable
stats uri /stats
stats hide-version
stats show-node
stats auth admin:123

Haproxy 1.5.8 is “very” old and since october 2020 not longer maintained. also centos 7 is “old”.
have you enabled tlsv1.1 and tlsv1.2? what error do you get? have you tried to connect with openssl s_client
i wouuld suggest to upgrade to a newer version of haproxy. maybe complile the latest version.
maybe it is a combination of old haproxy, old openssl etc.

Done, but nothing changed same issue still exist