Am 08.01.2017 um 11:01 schrieb Stefan Eissing:
There is the reverse situation which is called opportunistic encryption, namely
the transfer of a http: request over a TLS connection.
Both cases are tricky on HTTP/1.x because the URI scheme is not transported in requests
(commonly. the spec
There is the reverse situation which is called opportunistic encryption, namely
the transfer of a http: request over a TLS connection.
Both cases are tricky on HTTP/1.x because the URI scheme is not transported in
requests (commonly. the spec would allow it but no one does it, so no one is
> On Jan 7, 2017, at 3:25 PM, Reindl Harald wrote:
>
>
>
> Am 07.01.2017 um 22:53 schrieb Yann Ylavic:
>> On Sat, Jan 7, 2017 at 9:30 AM, Reindl Harald wrote:
>>>
>>> something like below where "X-TLS-Offloading" is only evaluated from
>>>
On Sun, Jan 8, 2017 at 12:39 AM, Reindl Harald wrote:
>
> Am 08.01.2017 um 00:31 schrieb Yann Ylavic:
>>
>> On Sun, Jan 8, 2017 at 12:22 AM, Reindl Harald
>> wrote:
>>>
>>>
>>> ok, so we need to continue the code below and set the option in every
Am 08.01.2017 um 00:31 schrieb Yann Ylavic:
On Sun, Jan 8, 2017 at 12:22 AM, Reindl Harald wrote:
ok, so we need to continue the code below and set the option in every
tls-offloaded application - intention of this thread was maybe get this
transparent which seems not
On Sun, Jan 8, 2017 at 12:22 AM, Reindl Harald wrote:
>
> ok, so we need to continue the code below and set the option in every
> tls-offloaded application - intention of this thread was maybe get this
> transparent which seems not to be possible
It is "technically"
Am 07.01.2017 um 23:53 schrieb Yann Ylavic:
On Sat, Jan 7, 2017 at 11:25 PM, Reindl Harald wrote:
Am 07.01.2017 um 22:53 schrieb Yann Ylavic:
Wouldn't something like this work?
RewriteRule on
RewriteCond %{ENV:remoteip-proxy-ip-list} .
RewriteCond
On Sat, Jan 7, 2017 at 11:25 PM, Reindl Harald wrote:
>
> Am 07.01.2017 um 22:53 schrieb Yann Ylavic:
>>
>> Wouldn't something like this work?
>>
>> RewriteRule on
>> RewriteCond %{ENV:remoteip-proxy-ip-list} .
>> RewriteCond %{HTTP:X-TLS-Offloading} ^true$
>> RewriteRule
Am 07.01.2017 um 22:53 schrieb Yann Ylavic:
On Sat, Jan 7, 2017 at 9:30 AM, Reindl Harald wrote:
something like below where "X-TLS-Offloading" is only evaluated from
"RemoteIPInternalProxy" pyhsical addressess
RemoteIPHeader X-Forwarded-For
RemoteTLSHeader
On Sat, Jan 7, 2017 at 9:30 AM, Reindl Harald wrote:
>
> something like below where "X-TLS-Offloading" is only evaluated from
> "RemoteIPInternalProxy" pyhsical addressess
>
> RemoteIPHeader X-Forwarded-For
> RemoteTLSHeaderX-TLS-Offloading
>
Am 07.01.2017 um 17:04 schrieb Jered Floyd:
Does the "sslheaders" experimental plugin meet your needs?
https://docs.trafficserver.apache.org/en/latest/admin-guide/plugins/sslheaders.en.html
not really beause it's not transparent to the application and so i can
continue fake the $_SERVER
On Sat, Jan 7, 2017 at 2:30 AM, Reindl Harald wrote:
> * Apache Trafficserver in front
> * ATS configured for TLS-offloading
> * connection to backend-httpd on the LAN unencrypted
> * mod_remoteip correctly configured on backend httpd
>
> is there any way to make the
* Apache Trafficserver in front
* ATS configured for TLS-offloading
* connection to backend-httpd on the LAN unencrypted
* mod_remoteip correctly configured on backend httpd
is there any way to make the backend php application aware that in fact
$_SERVER['HTTPS'] and $_SERVER['REQUEST_SCHEME']
13 matches
Mail list logo