HA Proxy with TLS 1.3

  • Now that 2.0 is the HA Proxy DEV branch, 1.9 is out and stable, and 1.8 is LTS are there any plans to move the pfSense packages accordingly? I'm very much looking forward to h2 and tls1.3 support but don't want to move to a dev package and end up on 2.0 unexpectedly.

  • Rebel Alliance Developer Netgate

    TLS 1.3 will require OpenSSL 1.1.x, which is only currently available on pfSense 2.5.0 development snapshots. Though it does look like net/haproxy-devel is at 2.0-dev2 on the branch used for pfSense 2.5.0 development, but the pfSense haproxy-devel package doesn't use it (yet).

    I'm not aware of any plans to switch that over yet, but it's probably just a matter of time.

Log in to reply