Hello together,
I try to achieve a good result on ssllabs.com, but I got a complain that my website uses tls v1.0 - I thought that I disabled it by this row in haproxy.cfg:
bind abns@go_to_myfrontend accept-proxy ssl crt /etc/haproxy/certs/mycert.pem verify none ciphers EECDH+AESGCM:EDH+AESGCM force-tlsv12 no-tlsv10
But no. Curious is, that when I added the row, ssllabs stopped complains abot tls 1.1.
Do someone know what I missed?
ā
OpenSSL 1.0.2k-fips 26 Jan 2017
HA-Proxy version 1.5.18 2016/05/10
CentOS Linux release 7.7.1908 (Core)
Thanks a lot in advance for your time.