/ Zope / Apsis / Pound Mailing List / Archive / 2010 / 2010-03 / HTTPS Backend Config

[ << ] [ >> ]

[ Re: [Pound Mailing List] TPROXY / Falk ... ] [ Pound & Cygwin & RPC over HTTP / ... ]

HTTPS Backend Config
Woon Khai Swen <woonks(at)ioigroup.com>		 2010-03-22 03:34:56 [ FULL ] 
Hello,

Has anyone successfully connect to a HTTPS backend with the latest release 2.5?
Changelog mentioned this is supported in release 2.5c and above.

I tried it out in a lab environment, but failed to make it work. Doing a trial
and error as there is no documentation yet. Error message is:

pound: (b7fd4b70) e500 response error read from 192.168.0.11:443/GET /
HTTP/1:1: Connection timed out (15.009 secs)

 Below is my config.

ListenHTTP
    Address 192.168.0.10
    xHTTP 4
    Port 80
End

ListenHTTPS
    Address 192.168.0.10
    xHTTP   4
    # AddHeader "Front-End-Https: on"
    Port    443
    Cert    "/etc/pki/tls/certs/poundtest.pem"
End

Service
    HeadRequire "Host: .*test.mydomain.com.*"
    BackEnd
        Address 192.168.0.11
        Port    443
    End
End

Since ListenHTTPS must use a cert, can it work with a different cert https
backend? Btw, i am using digicert wildcard cert.

Any suggestion is very much welcomed.
Attachments:  
text.html text/html 6579 Bytes
Re: [Pound Mailing List] HTTPS Backend Config
Albert <pound(at)alacra.com>		 2010-03-22 03:47:24 [ FULL ] 
You need HTTPS directive in the BackEnd section to communicate https 
from pound to backend:

Service
     HeadRequire "Host: .*test.mydomain.com.*"
     BackEnd
         Address 192.168.0.11
         Port    443
	HTTPS
     End
End



On 3/21/2010 10:34 PM, Woon Khai Swen wrote:[...]
Attachments:  
text.html text/html 1931 Bytes
MailBoxer