Re: [Pound Mailing List] Help Please

Wed, 20 Jan 2010 11:34:08 -0800

I'm not sure which example you're referring to (there is incoming HTTPS directives via ListenHTTPS, and connecting to backend via HTTPS). I'll give both examples: 

#Listen to incoming HTTP requests on port 80
ListenHTTP
       Address         10.0.0.1
       Port               80
End

#Listen to incoming HTTPS requests on port 443
ListenHTTPS
       Address         10.0.0.1
       Port               443
       xHTTP           1
       Cert              "permfile.pem"
End

Service
       BackEnd
               Address 192.168.0.1
               Port    443
               HTTPS
       End
End

#------------- end of example
Couple of notes:
1. In this specific example, all incoming HTTPS & HTTPS requests will be passed over to the backend over HTTPS. 2. You can put the "Service" inside ListenHTTPS, if you wanted to talk HTTPS to backend only on secure requests. 3. The backend doesn't need a third-party certificate, as pound will make a connection with backend with a self-signed cert. 


Paul Farrar wrote:

Albert

Thanks for the version Tip.
Without giving away any confidential info, is there any way you could just send a example of your HTTPS entries in your conf file. 
If I had more time I would try to figure it out but the clock is ticking and I 
am close but not close enough for testing and sign off before we do the move.
Many thanks again 
Paul

Paul Farrar
Operations Engineer Tel: +44 (0) 1582816483 
Mobile:  +44 (0) 7841167934
Email:   [email protected]
http://www.stepstone.com StepStone Solutions (UK) Limited 475 The Boulevard 
Capability Green
Luton
LU1 3LU
England Registered in England and Wales 


-----Original Message-----
From: Albert [mailto:[email protected]] Sent: Tuesday 19 January 2010 17:01 
To: [email protected]
Subject: Re: [Pound Mailing List] Help Please
One thing to keep in mind is that pound does HTTPS offloading, which may be different than what you've got now. That means pound speaks https to the browser, but only HTTP to the backend webserver (unless you go through some gymnastics).
The latest version of pound does support HTTPS protocol with backend webservers. Granted the version is still labeled experimental, but we've been running it in production (with HTTPS to backend) for a month now, with no problems (we're running version 2.5d, earlier versions of 2.5 branch had a bug). 



--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.

--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.




--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.

Reply via email to