|
/
Zope
/
Apsis
/
Pound Mailing List
/
Archive
/
2007
/
2007-10
/
Pound and Persistent SSL connections
[
pound log files to use with webalizer? / Matthias ... ]
[
Sometimes apache cannot acquire X-Forwared-For. / ... ]
Pound and Persistent SSL connections
patrice aubry <paubry04(at)yahoo.com> |
2007-10-24 20:36:03 |
[ FULL ]
|
Hello,
My question: Can Pound behave as a reverse SSL proxy with persistent
connections ?
By persistent, I mean that multiple request/response exchanges can take place
between a client and a server over a given connection.
Configuration:
Client <--> HTTP <--> Reverse SSL Proxy <--> HTTPS (2-way)
<--> SSL Server
Similarly,
Server <--> HTTP <--> Reverse SSL Proxy <--> HTTPS (2-way)
<--> SSL Client
Background:
I have attempted to use Apache as a reverse SSL proxy; it works great if and
only you don't need persistent connections. I've just found out that it's an
open bug.
Concretely, the Server sees "Connection: close" in the HTTP Header for each
request from the client.
Thank you in advance,
Regards,
Patrice Aubry
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
|
|
|
|
|
Re: [Pound Mailing List] Pound and Persistent SSL connections
Dave Steinberg <dave(at)redterror.net> |
2007-10-24 21:09:21 |
[ FULL ]
|
> By persistent, I mean that multiple request/response exchanges can[...]
I believe pound uses keep-alives when talking to backend servers. I'd
check the docs.
Pound does support a range of sticky-session methods: client IP, a
header, a cookie, etc. These persist a client's connection to a single
backend.
[...]
Pound speaks HTTP to the backend, so if you want to do this, you need to
use stunnel or something similar. The more typical pound pattern is:
Client speaks HTTP/HTTPS <-> Pound speaks HTTP <-> backend servers
Good luck,[...]
|
|
|
|
