HAProxy Backend Problem since upgrade

vito

hello,
We had a working HAProxy setup on 2.4.5.x prior to upgrading to current build

Setup:
One shared front end with multiple backends (about 4)
Front end cert is good (wild card cert is used on the front end)
Any of the the backends that were configured to communicate on 443 / Encrypt fail to connect with a 503. (They all respond and work on 443 locally and internally)

We tried with the self signed and real cert (importing the wildcard from pfsense to the backends), still nothing
Changing the backend to 80 (or non ssl port) works

Looking around it seems it is from the ssl handshake.

Acl are pretty basic... If host matches..use back end...

I assume i am missing something in the newer HAProxyDev package to get this to work or bypass any cert verification?

Any help is appreciated!

Thanks in advance.

vito

UPDATE:
This is a HA Proxy Dev problem it appears

We had Dev on 2.4.5 prior to 21.0x
When updating, HA Proxy dev went to a different version which is now not working with SSL backends. From what research we have seen and tried, it is a SSL handshake problem.
We tried, reduced SSL settings, real trusted certs...and so on.

The only fix was to uninstall HA Dev and install the normal HA Proxy Package
Same config, works fine. (old 2.4.5 HA Dev is Current 21.05.1 Prod HA Proxy...or close)

Not sure what changed in the versions to break our setup.

Any insight would be appreciated if you have seen this behavior