All,
I have some general questions about reverse-proxying SSL.
1. What is the best way to do it using Squid:
a. Do a straight redirect from port 443 to port 443 from server
to server with no certificate presented from the firewall, but rather
from the server that the connection is redirected to (is this even
possible with Squid?).
b. Redirect port 443 to port 80 on the destination server(s),
and use the firewall to present each of the certificates.
2. If the answer is B, I have several backend SSL servers, all of which
I want to redirect connections to. I am not good at all with server
keys and certificates. Does anyone know of any documentation for how to
deal with importing certificates that were generate for the backend
servers, so they work on the Firewall? I found documentation for how to
create and generate your own certificates, and keys, but I am afraid I
don't know enough about the way keys and certificates work to fully
understand how to make that work for my particular purpose.
This is an aspect of proxying/reverse-proxying where my knowledge is
weak, maybe some of you have some suggestions.
Thanks!
Received on Sun May 22 2005 - 13:35:32 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:03 MDT