Thank you, Willy. This is a huge help. -----Original Message----- From: Willy Tarreau [mailto:[email protected]] Sent: Sunday, March 14, 2010 3:43 PM To: Anne Moore Cc: 'Craig Carl'; 'XANi'; [email protected] Subject: Re: setup with Oracle and SSL
Hello Anne, On Sat, Mar 13, 2010 at 09:03:13PM -0500, Anne Moore wrote: > Craig, I do realize that. I have read it through, and I thought quite well. > However, I'm still not sure what URL or address to give to my users. > I'm assuming I just give them the http://haproxyserver_name.domain.com > address, and that haproxy server (or stunnel) will forward all URL's > to the appropriate web server? The documentation doesn't' state that, > so I'm curious. By default, haproxy won't rewrite the URL when passing the request to your servers, so the host name that your users will use should be the one configured on your servers. For instance : www.mydomain.com. Then you must have the DNS entry for www.mydomain.com point to your haproxy server (or stunnel which can be on the same machine). Quite often, when people insert a load balancer into an existing architecture, they set the previous server's IP address on the load balancer and assign new private IP addresses to the servers, so that haproxy receives the traffic for the public address and then communicates with the servers over the private addresses. > Also, assuming I have a cache server. Can I still use stunnel? > Documentation states I can't. If not, do you know how I would use a cache server? You can always use stunnel, but I'd ask differently : what cache is it ? Several caches already support SSL (apache, squid, nginx, maybe varnish though I'm not sure). So maybe you can handle the SSL on your existing cache already. Regards, Willy
