Greg,
The orion team doesn't ordinarily moniter the orion-interest list. I have
contacted them by email directly under our license contract, and Karl noted
the configuration for ssl in the load-balancer.xml. However, I haven't heard
from him after several direct emails. I think they are a little busy now.
An email from Karl is included below.
It might be a configuration error, but the ssl-config tag is exactly the
same as the tag used in the web-site.xml, so I don't think that is the
issue. When I used openssl s_client to check what was going on, it appears
to blow-up in the handshake step.
Regards,
the elephantwalker
.ps I think many people use apache reverse-proxy server and/or hardware
loadbalancers to do this. There doesn't seem to be much interest in using an
orion ssl loadbalancer solution, or there would have been more response to
this email trail. Sun's crypto solution is notoriously slow, so this could
be why people aren't very interested in this.
Karls email to me:
> Please answer these questions.
>
> We have two problems with the loadbalancer
>
> 1. The access log for each orion instance only lists the ip address of the
> loadbalancer. We need a workaround for this bug (already logged as a bug).
Forwarding the ip of the request initiator to the backend is a feature
that's
not implemented yet. I can't see a way for you to handle this, unless you
add
your own logging mechanism.
> 2. How to loadbalance our ssl site?
>
Look at http://www.orionserver.com/docs/load-balancer.xml.html
That shows the syntax of the load-balancer.xml file. Look at the secure
attribute and the ssl-config.
Remember, that the software loadbalancer provided might not give the same
performance as a hardware loadbalancer, and it might become a bottleneck if
you need to serve many requests.
Regards,
Karl Avedal
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Greg Kogan
Sent: Friday, July 06, 2001 10:18 AM
To: Orion-Interest
Subject: Re: clustering + ssl together
Hello,
I just encountered this problem myself, and a question popped up: "In
which version did this bug appear?" So I went as far back as 1.3.8 and the
bug was still there. Is there a possibility of misconfiguration here? Can
anybody from Orion development team comment on this? This a very important
issue to me and any feedback is greatly appreciated.
Thank you,
Greg Kogan.
