Re: HAProxy setup

2015-12-05 Thread Jarno Huuskonen
Hi, On Fri, Dec 04, Milos Zupancic wrote: > Hi, > > I am looking for a solution on how to setup HaProxy and Tomcat with SSL > termination + passing client certificate to the backend tomcat. > > At the moment we use Apache for SSL termination and proxy balancer to point > to tomcat AJP port. >

Re: Contribution for HAProxy: Peer Cipher based SSL CTX switching

2015-12-05 Thread Bryan Talbot
On Fri, Dec 4, 2015 at 10:17 AM, Bryan Talbot wrote: > On Fri, Dec 4, 2015 at 6:15 AM, Dave Zhu (yanbzhu) > wrote: > >> Hey Bryan, >> it’s strange that it’s always loading the ECC cert. I just tested the >> code on my end and I’m not seeing this

Re: Lua Shell letsencrypt

2015-12-05 Thread thierry . fournier
On Fri, 4 Dec 2015 00:23:53 -0700 Mela Luca wrote: > I am looking to automate letsencrypt with lua, the process would be to detect > to see if the domain has a cert already, if not it would execute letsencrypt > on the domain. > Any thought if this would be possible to

Re: Fwd: Re: [squid-users] intercepting traffic

2015-12-05 Thread thierry . fournier
On Thu, 03 Dec 2015 07:40:03 -0500 Brendan Kearney wrote: > i am looking to setup a transparent intercepting proxy, where i use > iptables to DNAT traffic on port 80 and redirect it to HAProxy and in > turn load balance to Squid for fulfillment. the DNAT to HAProxy works >

Set the URI

2015-12-05 Thread Brendan Kearney
I am trying to use HAProxy to perform http interception and transparently proxy outbound http traffic. i am having a dog of a time trying to get this working. I need to rewrite the GET line on a request so that the request is for the absolute URL, and not the relative URI. i found this

Re: lua authentication

2015-12-05 Thread thierry . fournier
Hi, I complement, I would say, that the Lua bindings for the standard Openldap client exists, but unfortunately, the operation is blocking, and doesn't run very well with HAProxy. It seems that a Lua rewrite of the LDAP protocol using standard Lua HAProxy socket is a solution, but this is a big

Re: lua authentication

2015-12-05 Thread Grant Haywood
I found a pretty good starting point https://github.com/morganfainberg/HAProxyKeystoneMiddlware if i do anything with ldap ill post it... - Original Message - From: "Grant Haywood" To: "thierry fournier" Cc: "Igor Cicimov"

Re: lua authentication

2015-12-05 Thread Grant Haywood
I see. Still, is there an example of authenticating an Http connection in lua? im fairly certan i can do a JWT implementation and for LDAP, it may still easyer to proxy a simple (non-ldap) message over a socket, and write a bridge to ldap daemon in something thats not lua. (use at your own