Hi, I want to configure the TS as a reverse proxy which can handle HTTP and HTTPS traffic. I set up a map in remap.config like this:
map https://extern.tld/ http://internal.local:7080/ reverse_map http://internal.local:7080/ https://external.tld/ The relevant configuration in the records.config: CONFIG proxy.config.reverse_proxy.enabled INT 1 CONFIG proxy.config.header.parse.no_host_url_redirect STRING NULL CONFIG proxy.config.ssl.enabled INT 1 CONFIG proxy.config.ssl.SSLv2 INT 1 CONFIG proxy.config.ssl.SSLv3 INT 1 CONFIG proxy.config.ssl.TLSv1 INT 1 CONFIG proxy.config.ssl.server_port INT 443 CONFIG proxy.config.ssl.client.certification_level INT 0 CONFIG proxy.config.ssl.server.cert.filename STRING server.pem CONFIG proxy.config.ssl.server.cert_chain.filename STRING NULL CONFIG proxy.config.ssl.server.cert.path STRING /etc/ssl/private/ CONFIG proxy.config.ssl.server.private_key.filename STRING NULL CONFIG proxy.config.ssl.server.private_key.path STRING /etc/ssl/private/ CONFIG proxy.config.ssl.CA.cert.filename STRING NULL CONFIG proxy.config.ssl.CA.cert.path STRING NULL If I want to access the URL, I get the following: $openssl s_client -debug -status -connect extern.tld:443 CONNECTED(00000003) write to 0xb4aef0 [0xb4b1a8] (104 bytes => 104 (0x68)) 0000 - 16 03 01 00 63 01 00 00-5f 03 01 4e eb 1e af 40 ....c..._..N...@ 0010 - 58 bc c2 4e 91 32 4b 58-80 44 5a eb 11 58 aa bd X..N.2KX.DZ..X.. 0020 - 9d 67 c4 a0 cd 23 17 1c-ce b3 0f 00 00 28 00 39 .g...#.......(.9 0030 - 00 38 00 35 00 16 00 13-00 0a 00 33 00 32 00 2f .8.5.......3.2./ 0040 - 00 05 00 04 00 15 00 12-00 09 00 14 00 11 00 08 ................ 0050 - 00 06 00 03 00 ff 02 01-00 00 0d 00 23 00 00 00 ............#... 0060 - 05 00 05 01 .... 0068 - <SPACES/NULS> read from 0xb4aef0 [0xb64488] (7 bytes => 7 (0x7)) 0000 - 15 03 01 00 02 02 28 ......( 5564:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:602: $curl -v -0 https://extern.tld/ * About to connect() to dev.ejump.sic-software.tk port 443 (#0) * Trying 193.158.63.21... connected * successfully set certificate verify locations: * CAfile: /usr/ssl/certs/ca-bundle.crt CApath: none * SSLv3, TLS handshake, Client hello (1): * error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure * Closing connection #0 curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure the traffic.out logfile says: Server {1080852432} ERROR: SSL ERROR: SSL_ServerHandShake. Server {1080852432} ERROR: SSL::0:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1226: Whats going wrong here? I can't track it down to to problem :( HTTP traffic works just fine. Aaron
