https access on my web server
Sylvain Desveaux <sdesveaux-ml(at)sisteer.com>
2009-03-25 17:10:00
Hello all,

I use Pound in a DMZ with https.
My config is 1 dns name / 1 web site.

Here is my config:

ListenHTTPS
        Address 0.0.0.0
        Port    443
        Cert    "xxx.pem"
        xHTTP           3

        Service
                HeadRequire "Host: www.website.com"

                BackEnd
                        Address xxx.xxx.xxx.xxx
                        Port    443
                End
        End

        Service
                HeadRequire "Host: webmail.website.com"
                BackEnd
                        Address xxx.xxx.xxx.xxx
                        Port    443
                End
        End

End

My problem:

Pound uses a certificate.
My web site uses a certificate too.

If I try to access the web site this way, I get the error "An
internal server error occurred. Please try again later."
If I remove the web site's certificate, I can access it.

But many clients access the web site (https) from the local network,
so they don't pass through Pound.
That's why the certificate is necessary on the web site.

Any idea how to solve this problem?

Thank you.

Sylvain



**************************************************************************************************************************
This message and any attachments are confidential and intended solely for the addressee(s).
Any unauthorised use or dissemination is prohibited. 
E-mails are susceptible to alteration.
SISTEER shall not be liable for the message if altered, changed or falsified.
If you are not the intended addressee of this message, please cancel it immediately and inform the sender.
**************************************************************************************************************************

RE: [Pound Mailing List] https access on my web server
"Mark C Williams Sr." <markwill(at)ricernet.com>
2009-03-25 18:56:08
You can disable https on your web server, as the Load Balancer will be doing the
encryption of the data between the client and your host web server.  If that
is not feasible, you may need to create another port on the web server listening
on any non-standard port (i.e. 8080) if port 80 is unavailable, that is bonded
to the web instance you are trying to LB.
 
I have a similar setup where internal and external access requires SSL or
HTTPS.  The web instance is bonded to port 443 on one IP address and port 8080
on another IP, since port 80 for this server is utilized for another app.  Been
working fine for years.
 
Mark C Williams Sr.
Ricernet Technologies
 

Re: [Pound Mailing List] https access on my web server
Sylvain Desveaux <sdesveaux-ml(at)sisteer.com>
2009-03-26 18:44:17
Thank you.

I have done the same thing.
On the web server (apache2) there is one vhost on port 443 with a
certificate for access from the LAN and one vhost on port 444
without a certificate for access from Pound.
Pound listens on port 443 from the internet and redirects to BackEnd port 444.

Sylvain
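
The two-vhost layout described in this thread, written out as an added example (not part of the original posts and not the poster's actual configuration). It assumes Apache 2.4 access-control syntax; the Pound host address 192.0.2.10, the document root and the certificate paths are placeholders. Because the hop from Pound to port 444 is cleartext, the example restricts that listener to the Pound host.

```apache
# Constructed example. Addresses and file paths are placeholders.
#
# Matching change on the Pound side (pound.cfg), per the thread:
#     BackEnd
#             Address xxx.xxx.xxx.xxx
#             Port    444
#     End
# Pound speaks plain HTTP to its back-ends, so the back-end port
# must not expect a TLS handshake.

Listen 443
Listen 444

# LAN clients connect directly and need TLS on the web server itself.
<VirtualHost *:443>
    ServerName www.website.com
    DocumentRoot "/var/www/website"

    SSLEngine on
    SSLCertificateFile    "/etc/ssl/certs/website.pem"
    SSLCertificateKeyFile "/etc/ssl/private/website.key"
</VirtualHost>

# Internet clients reach Pound on 443; Pound terminates TLS and
# forwards the request here as plain HTTP.
<VirtualHost *:444>
    ServerName www.website.com
    DocumentRoot "/var/www/website"

    # No SSLEngine here: this listener is cleartext by design.
    <Location "/">
        # Only the Pound host may use the cleartext listener, so LAN
        # clients cannot bypass TLS by connecting to port 444.
        Require ip 192.0.2.10
    </Location>
</VirtualHost>
```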
