debian haproxy high-availability debian-stretch

HAProxy - ssl-hello-chk fails


I've been using the config below without any issues connecting to Apache running on Debian 8. I just set up a couple of new Debian 9 boxes with the same config settings, but now I'm getting: Layer6 Invalid Response

I've confirmed that traffic is flowing between the HAProxy box and the web nodes. Does anyone have any idea why this check is failing? I've been digging through configuration files, and so far I haven't been able to find anything different between my systems. My best guess is that it has something to do with Debian 9.

frontend web3_ssl_frontend
    bind <ipv4>:443
    bind <ipv6>:443
    mode tcp
    default_backend web3_ssl_backend

backend web3_ssl_backend
    balance roundrobin
    mode tcp
    cookie SERVERID insert indirect nocache
    default-server inter 4s rise 3 fall 2
    fullconn 20000
    reqadd X-Forwarded-Proto:\ https if { ssl_fc }

    option ssl-hello-chk
    server web1 192.168.163.2:443 maxconn 10000 check
    server web2 192.168.163.3:443 maxconn 10000 check

Solution

  • ssl-hello-chk uses SSLv3, which is disabled on Debian 9. You can use tcp-check instead.
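
The change suggested in the answer, as an added example that is not part of the original post; it shows only the health-check lines of the backend from the question. The commented-out check-ssl variant is an assumption beyond the answer and needs an HAProxy build with OpenSSL support.

```haproxy
backend web3_ssl_backend
    balance roundrobin
    mode tcp
    default-server inter 4s rise 3 fall 2

    # Before: the check sends a fixed SSLv3 client hello, and the answer
    # notes that SSLv3 is disabled on Debian 9.
    # option ssl-hello-chk

    # After (the answer's suggestion): with no tcp-check send/expect rules
    # this is a plain TCP connect check. It proves the port accepts
    # connections, not that a TLS handshake succeeds.
    option tcp-check
    server web1 192.168.163.2:443 maxconn 10000 check
    server web2 192.168.163.3:443 maxconn 10000 check

    # Alternative (assumption, not from the answer): add check-ssl to the
    # server lines so the check completes a real TLS handshake using
    # HAProxy's own TLS library. "verify none" skips certificate validation
    # on the check connection only.
    # server web1 192.168.163.2:443 maxconn 10000 check check-ssl verify none
    # server web2 192.168.163.3:443 maxconn 10000 check check-ssl verify none
```

Validate the edited file with `haproxy -c -f <config file>` before reloading.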