Anne, Maybe too simple, but if the first page returns as https://myhost/page I am wondering if there are hard coded http::// links on the site ie: <a href="http://myhost/page2";>page 2</a>
instead of <a href="page2">page 2</a> regards, Michael On Tue, Mar 16, 2010 at 11:16 AM, Anne Moore <[email protected]>wrote: > Hello All > > I'm setting up POUND for my entire corporation. We, however, cannot seem to > get the SSL working correct. > > Here's our setup: > > (Entire network is private): > > Clients >> POUND >> BackendServer1/BackenedServer2 > > Every time our users get directed to the backend servers, the first page is > encrypted. However, all subsequent pages that the user clicks on, are not. > This is causing a major problem with our sensitive data. I'm also trying to > get port 80 to automatically re-directs to port 443. No luck with either > one > so far. Any help you can provide is great appreciated! Thank you - Anne > > Here's my pound.cfg: > > User "nobody" > Group "nobody" > RootJail "/usr/share/pound" > Control "/var/run/pound/ctl_socket" > > # Main listening ports > ListenHTTP > Address 192.168.1.12 > Port 80 > xHTTP 1 > End > ListenHTTPS > > Address 192.168.1.12 > Port 443 > Cert "/usr/share/ssl/certs/myserver.pem" > Ciphers > "ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL" > xHTTP 1 > HeadRemove "X-SSL-Request" > HeadRemove "X-Forwarded-For" > AddHeader "X-SSL-Request: 1" > End > > # redirect all requests for /forbidden > Service > Url "/forbidden.*" > Redirect "https://192.168.1.12/"; > End > > # Catch-all server(s) > Service > BackEnd > Address 192.168.1.13 > Port 7777 > End > BackEnd > Address 192.168.1.14 > Port 7777 > End > Session > Type BASIC > TTL 300 > End > End > > > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. > -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
