You can disable https on you web server, as the Load Balancer will be doing the encryption of the data between the client and your host web server. If that not feasible, you may need to create another port on the web server listening on any non-standard port (i.e. 8080) if port 80 is unavailable, that is bonded to the web instance you are trying to LB. I have a similar setup where internal and external access requires SSL or HTTPS. The web instance is bonded to port 443 on one IP address and port 8080 on another IP, since port 80 for this server is utilized for another app. Been working fine for years. Mark C Williams Sr. Ricernet Technologies
________________________________ From: Sylvain Desveaux [mailto:[email protected]] Sent: Wed 3/25/2009 12:10 PM To: [email protected] Subject: [Pound Mailing List] https access on my web server Hello all, I used pound in DMZ with https. My config is 1 dns name / 1 web site. Here my config : ListenHTTPS Address 0.0.0.0 Port 443 Cert "xxx.pem" xHTTP 3 Service HeadRequire "Host: www.website.com" BackEnd Address xxx.xxx.xxx.xxx Port 443 End End Service HeadRequire "Host: webmail.website.com" BackEnd Address xxx.xxx.xxx.xxx Port 443 End End End My problem : Pound used a certificate. My web site used a certificate too. If i try to access on the web site this way, i get the error "An internal server error occurred. Please try again later." If i remove the web site's certificate , i can access on it. But many clients, access on the web site (https) by the local network, so don't pass through the pound. That's why the certificate is necessary on the web site. Any idea to solve this problem ? Thank you. Sylvain ************************************************************************************************************************** Ce message et toutes les pieces jointes sont confidentiels et etablis à l'intention exclusive de ses destinataires. Toute utilisation ou diffusion non autorisee est interdite. Tout message electronique est susceptible d'alteration. SISTEER decline toute responsabilite au titre de ce message s'il a ete altere, deforme ou falsifie. Si vous n'etes pas le destinataire de ce message, merci de le detruire et d'informer l'expediteur. ************************************************************************************************************************** This message and any attachments are confidential and intended solely for the addressee(s). Any unauthorised use or dissemination is prohibited. E-mails are susceptible to alteration. SISTEER shall not be liable for the message if altered, changed or falsified. If you are not the intended addressee of this message, please cancel it immediately and inform the sender. ************************************************************************************************************************** -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions. =-=-=-=-=-=-=-=-=-=-=-=-=-=- Scanned with Copfilter Version 0.84beta3a (ProxSMTP 1.8) AntiSpam: SpamAssassin 3.2.5 AntiVirus: ClamAV 0.94.2/9165 - Wed Mar 25 11:08:41 2009 AntiVirus: AVG 7.5.51, engine 442 270.11.28/2022 2009-03-25 by Markus Madlener @ http://www.copfilter.org <http://www.copfilter.org/> -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
