A few links on our blogs related to Willy's mail and your problem:
 - SSLID persistence:
http://blog.exceliance.fr/2011/07/04/maintain-affinity-based-on-ssl-session-id/

 - Content switching based on SNI in HAProxy:
http://blog.exceliance.fr/2012/04/13/enhanced-ssl-load-balancing-with-server-name-indication-sni-tls-extension/

- Proxy protocol and application:
http://blog.exceliance.fr/2012/06/05/preserve-source-ip-address-despite-reverse-proxies/

- SSL offloading in HAProxy:
http://blog.exceliance.fr/2012/09/10/how-to-get-ssl-with-haproxy-getting-rid-of-stunnel-stud-nginx-or-pound/


Scaling out SSL with Stud: http://blog.exceliance.fr/2011/11/07/scaling-out-ssl/
(but might be the same in HAProxy once applied to it)

You mix a bit of these article and you can build the architecture
Willy described.

cheers

Reply via email to