Ssl ciphers and ssl version statistics

kinjelom · October 7, 2020, 12:09am

To keep up to date server side TLS configuration and don’t lose my clients I need to know what ssl ciphers and ssl version clients use. I can log it:

%sslc - ssl_ciphers (ex: AES-SHA)
%sslv - ssl_version (ex: TLSv1)

But I need only statistical information:

ssl_version/ssl_ciphers
last used
number of uses

Is there a way to get this info without overloading HAProxy with expensive logs?

lukastribus · October 7, 2020, 8:45am

No, this is not something that haproxy can do.

Logs are not really expensive, this needs to be done in log analysis. You can feed your own log consumer with this, keeping the data that you want and trowing away the rest.

Topic		Replies	Views
HAProxy 1.7 web interface checks for maintenance backends Help!	4	871	February 13, 2018
Send-proxy-v2-ssl option only send ssl version Help!	4	1669	August 22, 2017
HAProxy TLS interception Help!	8	1379	March 22, 2021
TLS Termination Help!	9	1804	July 30, 2018
How to silent 'SSL handshake failure' logs Help!	1	333	November 7, 2023

Ssl ciphers and ssl version statistics

Related Topics