If you have already installed the certs you can increase the logging
level for troubleshooting...
; Some debugging stuff useful for troubleshooting
debug = 3
output = /var/log/stunnel.log
bye
Bernhard
----- Nachricht von massimo.introvi...@gmail.com ---------
Datum: Mon, 31 Aug 2009 00:44:37 -0400
Von: Massimo Introvigne <massimo.introvi...@gmail.com>
Antwort an: Massimo Introvigne <massimo.introvi...@gmail.com>
Betreff: haproxy + stunnel + ssl cert question
An: haproxy@formilux.org
Hello, I have several web server behind a machine running Haproxy.
traffic from internet to Haproxy machine to web servers on http port
80 works great.
To process SSL traffic, I installed the patched version of stunnel
that passes the X-Forwarded-For header , and I forward port 443, to
port 80 of the ip Haproxy is using as the front end, it all works
great except ...
When clients go to the dns name of the Haproxy machine, they get the
ssl "invalid certificate" error in their browser. This is easily
overcome by clicking "allow exception" in Firefox, but it's annoying,
and also this didn't used to happen before I put Haproxy in the way.
This can't be that uncommon of a problem, but I can't find on the
internet anyone complainign about and then solving this problme.
Any ideas about what I should do?
thanks.
----- Ende der Nachricht von massimo.introvi...@gmail.com -----
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
