Thank you. I have done the same thing. On the web server (apache2) there are one vhost on port 443 with certificate for the access from the lan and one vhost on port 444 whithout certificate for the access from pound. Pound listen on port 443 from internet and redirect on BackEnd port 444.
Sylvain Mark C Williams Sr. a écrit : > You can disable https on you web server, as the Load Balancer will be doing > the encryption of the data between the client and your host web server. If > that not feasible, you may need to create another port on the web server > listening on any non-standard port (i.e. 8080) if port 80 is unavailable, > that is bonded to the web instance you are trying to LB. > > I have a similar setup where internal and external access requires SSL or > HTTPS. The web instance is bonded to port 443 on one IP address and port > 8080 on another IP, since port 80 for this server is utilized for another > app. Been working fine for years. > > Mark C Williams Sr. > Ricernet > Technologies > > > ________________________________ > > From: Sylvain Desveaux [mailto:[email protected]] > Sent: Wed 3/25/2009 12:10 PM > To: [email protected] > Subject: [Pound Mailing List] https access on my web server > > > > Hello all, > > I used pound in DMZ with https. > My config is 1 dns name / 1 web site. > > Here my config : > > ListenHTTPS > Address 0.0.0.0 > Port 443 > Cert "xxx.pem" > xHTTP 3 > > Service > HeadRequire "Host: www.website.com" > > BackEnd > Address xxx.xxx.xxx.xxx > Port 443 > End > End > > Service > HeadRequire "Host: webmail.website.com" > BackEnd > Address xxx.xxx.xxx.xxx > Port 443 > End > End > > End > > My problem : > > Pound used a certificate. > My web site used a certificate too. > > If i try to access on the web site this way, i get the error "An > internal server error occurred. Please try again later." > If i remove the web site's certificate , i can access on it. > > But many clients, access on the web site (https) by the local network, > so don't pass through the pound. > That's why the certificate is necessary on the web site. > > Any idea to solve this problem ? > > Thank you. > > Sylvain > > > > ************************************************************************************************************************** > Ce message et toutes les pieces jointes sont confidentiels et etablis à > l'intention exclusive de ses destinataires. > Toute utilisation ou diffusion non autorisee est interdite. > Tout message electronique est susceptible d'alteration. > SISTEER decline toute responsabilite au titre de ce message s'il a ete > altere, deforme ou falsifie. > Si vous n'etes pas le destinataire de ce message, merci de le detruire et > d'informer l'expediteur. > ************************************************************************************************************************** > This message and any attachments are confidential and intended solely for the > addressee(s). > Any unauthorised use or dissemination is prohibited. > E-mails are susceptible to alteration. > SISTEER shall not be liable for the message if altered, changed or falsified. > If you are not the intended addressee of this message, please cancel it > immediately and inform the sender. > ************************************************************************************************************************** > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. > > =-=-=-=-=-=-=-=-=-=-=-=-=-=- > Scanned with Copfilter Version 0.84beta3a (ProxSMTP 1.8) > AntiSpam: SpamAssassin 3.2.5 > AntiVirus: ClamAV 0.94.2/9165 - Wed Mar 25 11:08:41 2009 > AntiVirus: AVG 7.5.51, engine 442 270.11.28/2022 2009-03-25 > by Markus Madlener @ http://www.copfilter.org <http://www.copfilter.org/> > > > > > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. > ************************************************************************************************************************** Ce message et toutes les pieces jointes sont confidentiels et etablis à l'intention exclusive de ses destinataires. Toute utilisation ou diffusion non autorisee est interdite. Tout message electronique est susceptible d'alteration. SISTEER decline toute responsabilite au titre de ce message s'il a ete altere, deforme ou falsifie. Si vous n'etes pas le destinataire de ce message, merci de le detruire et d'informer l'expediteur. ************************************************************************************************************************** This message and any attachments are confidential and intended solely for the addressee(s). Any unauthorised use or dissemination is prohibited. E-mails are susceptible to alteration. SISTEER shall not be liable for the message if altered, changed or falsified. If you are not the intended addressee of this message, please cancel it immediately and inform the sender. ************************************************************************************************************************** -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
