All, I know there's a preference for using a proxy to terminate SSL connections rather than using the native python code.
There's a good write up of configuring the various proxies here: http://docs.openstack.org/security-guide/content/ch020_ssl-everywhere.html If we're not using native python SSL termination in TripleO we'll need to pick which one of these would be a reasonable choice for initial https support. Pound may be a good choice -- its lightweight (6,000 lines of C), easy to configure and gives good control over the SSL connections (ciphers etc). Plus, we've experience with pushing large (GB) requests through it. I'm interested if others have a strong preference for one of the other options (stud, nginx, apache) and if so, what are the reasons you feel it would make a better choice for a first implementation. Thanks, -Stuart _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev