Hi everybody, [Please CC me in replies, I am not currently subscribed to this mailing list.]
For a research project, we currently have an interesting problem to solve: to connect HTTPS clients to dynamically changing, internal HTTPS servers. One approach that we are currently evaluating is to use a publicly accessible HTTP proxy with CONNECT support to "tunnel" the HTTPS connections to the internal servers. However, the internal addresses may change dynamically. The question is therefore if Traffic Server can be configured to (or if it is easy to write a plug-in to): a) be used in "normal" proxy server mode for clients with explicit proxy server configuration to use the CONNECT call for some HTTPS URLs; and b) for the origin server resolving to be done dynamically based on internal look-up tables. E.g. the URL https://my-example.local.com/whatever specified by any client in the CONNECT request should be mapped to host 10.20.30.40 (the HTTPS server may use my-example.local.com as its server address, but the IP will change dynamically). I am aware that this is a mix between reverse proxy functionality (mapping to internal servers) and normal proxying (CONNECT to client-specified, different URLs). Based on the SDK documentation, I am also unsure which kind of plug-in would be required to make this work. The backup plan is to use a "normal" proxy with dynamic DNS for resolving the internal IP addresses, but we would like to avoid this complexity if possible. Are we on the right track and is this possible with Traffic Server? best regards, Rene
