I posted on server fault but I thought I’d post here as well.
Scenario:
I have an old hp dl360 g7 with iLO 3. Modern browsers can’t access it because it uses ancient ciphers.
On my internal network, I’d like to have haproxy talk to it and eat the SSL errors and serve the content with SSL that modern browsers will support.
What I’ve tried:
frontend ilo3
bind *:3333 ssl crt /etc/letsencrypt/live/mydomain.com/haproxy.pem alpn h2,http/1.1
mode http
use_backend ilo3
backend ilo3
server node1 192.168.2.185 check ssl port 443 verify none
Result:
When I hit https://<haproxyip>:3333
I get:
Jun 25 22:28:46 haproxy haproxy[5750]: 192.168.2.229:54666 [25/Jun/2023:22:28:46.816] ilo3/1: SSL handshake failure
It’s possible I’m not understanding the difficulties with what I’m trying to do. Appreciate any education.