haproxy 有时会出现 SSL 错误

我正在尝试为多个主机设置一个 haproxy 来卸载 SSL。此配置非常完美：

# Example configuration for a possible web application.  See the
# full configuration options online.
#
#   http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    # to have these messages end up in /var/log/haproxy.log you will
    # need to:
    #
    # 1) configure syslog to accept network log events.  This is done
    #    by adding the '-r' option to the SYSLOGD_OPTIONS in
    #    /etc/sysconfig/syslog
    #
    # 2) configure local2 events to go to the /var/log/haproxy.log
    #   file. A line like the following can be added to
    #   /etc/sysconfig/syslog
    #
    #    local2.*                       /var/log/haproxy.log
    #
    log         127.0.0.1 local2

    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     15000
    user        haproxy
    group       haproxy
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

    #tune.ssl.default-dh-param 2048

#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
 retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 11000

#---------------------------------------------------------------------
# main frontends which proxys to the backends
#---------------------------------------------------------------------


frontend www-https *:443
    bind *:443 ssl crt /etc/ssl/private/starmyhostname.pem no-sslv3

    #Define hosts & ACL's
    acl host_BEADHOSTWWW01 hdr(host) -i wwwtest.myhostname.eu
    acl host_BEADHOSTKB01 hdr(host) -i kb.myhostname.eu

    #Define which backend to use for each host
    use_backend BEADHOSTWWW01 if host_BEADHOSTWWW01
    use_backend BEADHOSTKB01 if host_BEADHOSTKB01

#---------------------------------------------------------------------
# Backends
#---------------------------------------------------------------------
backend BEADHOSTWWW01
    option httpclose
    cookie JSESSIONID prefix
    mode http
    server  WWW01 172.26.75.10:80 cookie A check

backend BEADHOSTKB01
    option httpclose
    cookie JSESSIONID prefix
    mode http
    server  KB01 172.26.75.2:80 cookie A check

但是，在某些情况下（假设 20 次中有 1 次），我会收到 ERR_SSL_PROTOCOL_ERROR（chrome）或 ssl_error_rx_record_too_long（firefox）。按 F5 可立即解决问题。

有人知道这是什么原因造成的，以及如何解决？谢谢！