Hello All
I'm setting up POUND for my entire corporation. We, however, cannot seem to
get the SSL working correct.
Here's our setup:
(Entire network is private):
Clients >> POUND >> BackendServer1/BackenedServer2
Every time our users get directed to the backend servers, the first page is
encrypted. However, all subsequent pages that the user clicks on, are not.
This is causing a major problem with our sensitive data. I'm also trying to
get port 80 to automatically re-directs to port 443. No luck with either one
so far. Any help you can provide is great appreciated! Thank you - Anne
Here's my pound.cfg:
User "nobody"
Group "nobody"
RootJail "/usr/share/pound"
Control "/var/run/pound/ctl_socket"
# Main listening ports
ListenHTTP
Address 192.168.1.12
Port 80
xHTTP 1
End
ListenHTTPS
Address 192.168.1.12
Port 443
Cert "/usr/share/ssl/certs/myserver.pem"
Ciphers
"ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
xHTTP 1
HeadRemove "X-SSL-Request"
HeadRemove "X-Forwarded-For"
AddHeader "X-SSL-Request: 1"
End
# redirect all requests for /forbidden
Service
Url "/forbidden.*"
Redirect "https://192.168.1.12/";
End
# Catch-all server(s)
Service
BackEnd
Address 192.168.1.13
Port 7777
End
BackEnd
Address 192.168.1.14
Port 7777
End
Session
Type BASIC
TTL 300
End
End
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
