Hey,
I was just trying to set up the reverse proxy with my haproxy on the pfsense and it immediately gave TLS errors.
HAProxy is set to “Modern” which means it operates only on TLS v1.3 and AEAD ciphers.
I have not played with ciphers config on my Gitea instance yet. Is it not possible to use TLSv1.3 with HAProxy without downgrading the reverse proxy to TLSv1.2?
The docs say
* TLS 1.3 cipher suites
* "aes_128_gcm_sha256"
* "aes_256_gcm_sha384"
* "chacha20_poly1305_sha256"
* Aliased names
* "ecdhe_rsa_with_chacha20_poly1305" is an alias for "ecdhe_rsa_with_chacha20_poly1305_sha256"
* "ecdhe_ecdsa_with_chacha20_poly1305" is alias for "ecdhe_ecdsa_with_chacha20_poly1305_sha256"
so it should support it.