mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-09 08:16:58 +08:00
d0a509c6c3
This replaces the old no longer used "docker-tests". Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
33 lines
628 B
INI
33 lines
628 B
INI
global
|
|
user haproxy
|
|
group haproxy
|
|
#daemon
|
|
|
|
# Default SSL material locations
|
|
#ca-base /etc/ssl/certs
|
|
#crt-base /etc/ssl/private
|
|
|
|
ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
|
|
|
|
|
|
defaults
|
|
log global
|
|
mode http
|
|
option dontlognull
|
|
timeout connect 5000
|
|
timeout client 50000
|
|
timeout server 50000
|
|
|
|
frontend ssl
|
|
mode tcp
|
|
bind *:@HAPORT@
|
|
tcp-request inspect-delay 5s
|
|
tcp-request content accept if { req.ssl_hello_type 1 }
|
|
|
|
use_backend ocserv
|
|
|
|
backend ocserv
|
|
mode tcp
|
|
# option ssl-hello-chk
|
|
server server-vpn @ADDRESS@:@PORT@ check send-proxy
|