我有一个具有以下配置的Haproxy服务器。
frontend my-front-end
bind *:8443 accept-proxy ssl crt /etc/haproxy/certs/acme.dev.test.pem ca-file /etc/haproxy/certs/ca.pem verify required
http-request set-header X-SSL %[ssl_fc]
http-request set-header X-SSL-Client-Verify %[ssl_c_verify]
http-request set-header X-SSL-Client-SHA1 %{+Q}[ssl_c_sha1]
http-request set-header X-SSL-Client-DN %{+Q}[ssl_c_s_dn]
http-request set-header X-SSL-Client-CN %{+Q}[ssl_c_s_dn(cn)]
http-request set-header X-SSL-Issuer %{+Q}[ssl_c_i_dn]
acl validcert ssl_c_s_dn(cn) -m reg ^(acme-acme-API-TEST-Signing)$
http-request deny if !validcert
...
如何使用cURL或Postman发出满足SSL验证的GET https请求? 我尝试了“ --cert acmeroot.pem”,但是得到了
curl: (35) error:1401E410:SSL routines:CONNECT_CR_FINISHED:sslv3 alert handshake failure