Hi list,
I've set up a loadbalancer with haproxy and I'm using stunnel to have HTTPS on the loadbalancer. Every connection on port 443 is forwarded by stunnel to port 80 where haproxy listens.
Some facts: FreeBSD 6.2 i386 stunnel 4.22 OpenSSL 0.9.7e-p1 gcc version 3.4.6 [FreeBSD] 20060305
Here is my stunnel.conf: sslVersion = all
chroot = /var/tmp/stunnel setuid = stunnel setgid = nogroup pid = /stunnel.pid
socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1
debug = 3
[https] cert = /usr/local/etc/stunnel/ssl/mycert.pem accept=localip:443 connect=localip:80
Some of my customers using HTTPS are claiming about aborted connections with MS Internet Explorer. They get a message about "secure and unsecure objects on this site, proceed?". When clicking yes they get a IE error message: "site not found". (Sorry, I don't know the exact english error message because customers use german version of IE). Of course there are only HTTPS objects on the page.
In my logs I've lot of these entries: SSL_accept: Peer suddenly disconnected
From time to time I'll get this error: SSL_read: Connection reset by peer (54) or: SSL_read: Operation timed out (60) or: SSL_write: Broken pipe (32)
At the moment I have no idea where these errors come from and if they really belong to the error the customer gets with his IE browser. Any ideas what could cause these error messages?
Thanks in advance, Matthias