Ping a Specific Port

Question

Edik Mkoyan

Asked: 2020-06-03 04:16:24 +0800 CST2020-06-03 04:16:24 +0800 CST 2020-06-03 04:16:24 +0800 CST

What happens to existing tcp sessions when a certificate is changed and haproxy is reloaded?

772

There may be two major reasons for changing a certificate. 1. Ordinary rotation, for example, due to expiration. In this case I would like to have a 100% high availiability. Existing sessions would use the old keys, the new sessions will use new encryption keys. 2. My private keys had been stolen and I want to drop all the exsting connections and reestablish those with the new keys.

How does the haproxy behave?

1 Answers

Voted

IshRaj · Answer 1 · 2020-06-03T04:38:29+08:00

IshRaj

2020-06-03T04:38:29+08:002020-06-03T04:38:29+08:00

A reverse proxy accepts requests from a client, and forwards it to the relevant front end servers and returns the response back as well.

Once the proxy is restarted and if bound to the correct certificate thumbprint in the .cfg it should serve with the new pub/priv key pair.

The stale pages delivered will stay as is until it is reloaded.

0

What happens to existing tcp sessions when a certificate is changed and haproxy is reloaded?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?