haproxy tls hash algorithm

ssl hash haproxy

The solution for me is: install haproxy 1.8.17 with openssl 1.1.1a from Debian testing. For some reason this combination uses RSA+SHA256 as signature algorithm in the DH key exchange.

The intention was to use the openssl configuration file (/etc/ssl/openssl.cnf) to set the signature algorithm E.g.

[ system_default_sect ]
SignatureAlgorithms       = RSA+SHA256
ClientSignatureAlgorithms = RSA+SHA256

This setting is only available since openssl 1.1.1. But it does not show any effect for me. Anyway, the above-mentioned software combination seems to be sufficient.

I would be grateful if anybody could offer me an explanation for this behaviour.

Related

Issue when trying to run command "YUM Update" Cannot retrieve repository metadata (repomd.xml)
Use apache to strip off a URL param and add it as a custom HTTP header on a redirect
How to setup a CNAME to map a custom domain to an Apple Mobile Me site
Windows NLB detect dead IIS?
Problems with sudo in path
OpenVZ Host is the source IP address rather than actual web surfers?
Can I pull data from server to client with Iperf?
How to migrate KVM based VMs running in LVM setup to Vmdk images
Brightness issue in a Lenovo ThinkPad Edge LR236W5
Adapt font and icon sizes to High Definition screen resolutions in Ubuntu-Studio XFCE
#1045 Cannot log in to the MySQL server
Ubuntu to Kubuntu switch!