Hi Joe,
Immediately after sending my last message I made a new one... I just discovered that message somehow didn't get to the mailing list (maybe it wasn't sent). Sorry to have wasted your time. I always work with pound 1.6f, but on this system I installed it with apt-get (Ubuntu 10.4 LTS) and it was an old version (I believe 1.45). I compiled pound from source and now it's running as expected. JP -----Original message----- From: Joe Gooch <[email protected]> Sent: Wed 08-02-2012 17:46 To: '[email protected]' <[email protected]>; Subject: RE: [Pound Mailing List] HTTPS backend man pound It should be there. BackEnd A back-end is a definition of a single back-end server Pound will use to reply to incoming requests. All configuration directives enclosed between BackEnd and End are specific to a single service. The following directives are available: Address address The address that Pound will connect to. This can be a numeric IP address, or a symbolic host name that must be resolvable at run-time. If the name cannot be resolved to a valid address, Pound will assume that it represents the path for a Unix-domain socket. This is a mandatory parameter. Port port The port number that Pound will connect to. This is a mandatory parameter for non Unix-domain back-ends. HTTPS [ "cert" ] The back-end is using HTTPS. If the optional parameter cert is specified, Pound will present this certificate to the back-end. If it isn t, your installed pound does not have that feature. Don t know what else to tell you. Joe From: Jean-Pierre van Melis [mailto:[email protected]] Sent: Wednesday, February 08, 2012 10:19 AM To: [email protected] Subject: RE: [Pound Mailing List] HTTPS backend Joe, I tried that before.... I'm getting this error message.... Start service "pound" (/etc/rc2.d/S20pound) service: Start service: "pound" (/etc/rc2.d/S20pound) * Starting reverse proxy and load balancer pound starting... line 47: unknown directive " HTTPS" - aborted -----Original Message----- From: Joe Gooch <[email protected]> To: "'[email protected]'" <[email protected]> Date: Wed, 8 Feb 2012 14:39:49 +0000 Subject: RE: [Pound Mailing List] HTTPS backend See lines below. Joe > -----Original Message----- > From: Jean-Pierre [mailto:[email protected]] > Sent: Wednesday, February 08, 2012 8:52 AM > To: [email protected] > Subject: RE: [Pound Mailing List] HTTPS backend > > Hi Joe, > > I'm using 2.6f > > I did see the possibility to do a redirect, but this is AFAIK only > possible outside the backend-scope. > > ListenHTTPS > Address 0.0.0.0 > Port 4443 > > Cert "/root/.ssh/cert.pem" > CAList "/root/.ssh/godaddy-class2.pem" > xHTTP 3 > > Service "pfsense" > BackEnd > Address 82.172.139.149 > Port 61080 HTTPS > End > BackEnd > Address 89.250.170.164 > Port 61080 HTTPS > End > BackEnd > Address 89.250.169.117 > Port 61080 HTTPS > End > End > End > > This is my config... > How should it look if these backends were https backend? > > > -----Original message----- > From: Joe Gooch <[email protected]> > Sent: Tue 07-02-2012 22:45 > To: '[email protected]' <[email protected]>; > Subject: RE: [Pound Mailing List] HTTPS backend > > > HTTPS backends were added in v2.5c... Are you having an issue > configuring the feature, or are you using a pound that is older than > that, or is it something else? > > Joe > > -----Original Message----- > > From: Jean-Pierre [mailto:[email protected]] > > Sent: Tuesday, February 07, 2012 2:05 PM > > To: [email protected] > > Subject: [Pound Mailing List] HTTPS backend > > > > I've been using pound for a long while now. > > I'm also using pound to terminate my HTTPS connection with a cheapo > 1- > > subdomain SSL-certificate. > > Thanks to Pound I can have a few different machines using 1 IP and 1 > > subdomain. > > > > I now wanted to use pound to proxy my multi-WAN router. > > The multi-WAN router uses several modems and with pound I will always > > get a connection from a remote location because pound will only proxy > > for connections that are UP. This way I don't need to remember IP's > (I > > can still do this as fallback). > > > > During configuration I realized for the first time that I can't proxy > > to an SSL-connection. > > I now switched to http remote access, but this means someone can get > my > > passwords.... > > > > Is there a special reason why I can't use https-backend? > > SSL-support is already there as a client... > > > > BTW... I only need SSL-encryption, not 3-rd party authentication. > > > > JP > > > > > > > > -- > > To unsubscribe send an email with subject unsubscribe to > > [email protected]. > > Please contact [email protected] for questions. > > -- > To unsubscribe send an email with subject unsubscribe to > [email protected]. > Please contact [email protected] for questions. -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
