----- Original Message ----- > Hi everybody, > > [Please CC me in replies, I am not currently subscribed to this > mailing > list.] > > For a research project, we currently have an interesting problem to > solve: to connect HTTPS clients to dynamically changing, internal > HTTPS > servers. One approach that we are currently evaluating is to use a > publicly accessible HTTP proxy with CONNECT support to "tunnel" the > HTTPS connections to the internal servers. However, the internal > addresses may change dynamically. The question is therefore if > Traffic > Server can be configured to (or if it is easy to write a plug-in to): > > a) be used in "normal" proxy server mode for clients with explicit > proxy > server configuration to use the CONNECT call for some HTTPS URLs; and > > b) for the origin server resolving to be done dynamically based on > internal look-up tables. E.g. the URL > https://my-example.local.com/whatever specified by any client in the > CONNECT request should be mapped to host 10.20.30.40 (the HTTPS > server > may use my-example.local.com as its server address, but the IP will > change dynamically).
It seems to me all that is required is to set the DNS TTL very low. > I am aware that this is a mix between reverse proxy functionality > (mapping to internal servers) and normal proxying (CONNECT to > client-specified, different URLs). Based on the SDK documentation, I > am > also unsure which kind of plug-in would be required to make this > work. > The backup plan is to use a "normal" proxy with dynamic DNS for > resolving the internal IP addresses, but we would like to avoid this > complexity if possible. > > Are we on the right track and is this possible with Traffic Server? > > best regards, > Rene i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: [email protected] URL: http://brainsware.org/ GPG: 571B 8B8A FC97 266D BDA3 EF6F 43AD 80A4 5779 3257
