Hi,
This is regarding that can we get the client host name and certificate details used in the case of ‘SSL handshake failure’ exception by any sorts of error logging customization in haproxy config.
Any help or suggestions would be much appreciated
Would be interested as well…
For succesful SSL connections, checkout all the ssl_c_* variables that you can put into a custom log format as per:
https://cbonte.github.io/haproxy-dconv/2.0/configuration.html#8.2.4
For failed handshakes, errors, there is a feature request here:
Thank you lukastribus
For others that stumble upon this, I can add that I had luck using tshark to monitor the traffic on the interface when I had TLS errors that were not really clear in the haproxy logs.
/tony