OoO La nuit ayant déjà recouvert d'encre ce jour du mardi 13 décembre
2011, vers 23:20, "Brane F. Gračnar" disait :
> It also uses much less memory than stunnel (openssl >= 1.x.x).
stunnel has also enabled the SSL_MOD_RELEASE_BUFFERS on recent versions
(since 4.45). I think this would amend
OoO La nuit ayant déjà recouvert d'encre ce jour du mardi 13 décembre
2011, vers 23:43, "John Lauro" disait :
> Found this with google comparing the two (only a few months old):
> http://vincent.bernat.im/en/blog/2011-ssl-benchmark.html
> In summary, performance appears to be close as long as
ot;Brane F. Gračnar" [mailto:brane.grac...@tsmedia.si]
>> Sent: Tuesday, December 13, 2011 5:21 PM
>> To: David Prothero
>> Cc: John Lauro; haproxy@formilux.org
>> Subject: Re: SSL best option for new deployments
>>
>> On 12/13/2011 10:43 PM, David Prothero wrote:
, newer version of stunnel probably perform better.
> -Original Message-
> From: "Brane F. Gračnar" [mailto:brane.grac...@tsmedia.si]
> Sent: Tuesday, December 13, 2011 5:21 PM
> To: David Prothero
> Cc: John Lauro; haproxy@formilux.org
> Subject: Re: SSL bes
On 12/13/2011 10:43 PM, David Prothero wrote:
> I've been using stunnel with the X-Forwarded-For patch. Is stud preferable to
> stunnel for some reason?
Stunnel usually uses thread-per-connection architecture - as you
probably know this programming model has serious scaling issues. Stud is
single
ubject: Re: SSL best option for new deployments
On 12/13/2011 09:02 PM, John Lauro wrote:
> Been using haproxy for some time… but have not used it with SSL yet.
>
> I do need to preserve the IP address of the original client. So
> either transparent (is that possible when going thro
On 12/13/2011 09:02 PM, John Lauro wrote:
> Been using haproxy for some time… but have not used it with SSL yet.
>
> I do need to preserve the IP address of the original client. So either
> transparent (is that possible when going through stunnel or other and
> haproxy on the same box), or X-For
Been using haproxy for some time. but have not used it with SSL yet.
What is the best option to implement SSL? There seems to be several
options, some requiring 1.5 (which isn't exactly ideal as 1.5 isn't
considered stable yet).
I do need to route based on the incoming request, so decode
8 matches
Mail list logo