Hi,
I am trying to configure Pound to act as a reverse HTTPS proxy for a HTTPS
server behind a firewall. The server that I am trying to access in the backend
has a self-signed certificate, and causes Pound to return that it is
unavailable. In the system log it reports a handshake failure. I am running
Ubuntu 12.04 LTS, and was able to add the self-signed certificates to openssl's
trusted ca-certificates (following Ubuntu's instructions) and I am no longer
prompted an error when browsing the backend server using Lynx. Is there
something that I'm missing? I've search and can't find any information
regarding self-signed certificates or how Pound interacts with root
certificates.
Configuration:
ListenHTTPS
Address 192.168.0.187
Port 7004
Cert "/etc/ssl/local.server.pem"
Service
BackEnd
Address sanitized.local
Port 7004
HTTPS
End
End
End
Syslog error:
pound: BIO_do_handshake with 192.168.0.22:7004 failed: error:14077410:SSL
routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
Jonathan Galentine
Chief Technology Officer
7900 Westpark Dr, Ste A50, McLean, VA 22102
Office: (703) 891-0131 x304 | Fax: (703) 891-0129
[email protected]<mailto:[email protected]> |
www.ntiva.com<http://www.ntiva.com/>
