OK I did see that message, but the other one came in after it, so I thought it was later in the series.

 

No worries. Glad it’s working for you!


Joe

 

From: Jean-Pierre [mailto:jp@mirmana.com]
Sent: Wednesday, February 08, 2012 6:10 PM
To: pound@apsis.ch
Subject: RE: [Pound Mailing List] HTTPS backend

 

Hi Joe,

 

Immediately after sending my last message I made a new one...

I just discovered that message somehow didn't get to the mailing list (maybe it wasn't sent).

 

Sorry to have wasted your time.

I always work with pound 1.6f, but on this system I installed it with apt-get (Ubuntu 10.4 LTS) and it was an old version (I believe 1.45).

 

I compiled pound from source and now it's running as expected.

 

 

JP
 

-----Original message-----
From: Joe Gooch <mrwizard@k12system.com>
Sent: Wed 08-02-2012 17:46
To: 'pound@apsis.ch' <pound@apsis.ch>;
Subject: RE: [Pound Mailing List] HTTPS backend

man pound

 

It should be there.

 

BackEnd

       A  back-end  is  a  definition  of  a single back-end server Pound will use to reply to incoming requests.  All configuration directives enclosed between BackEnd and End are specific to a single service. The following

       directives are available:

 

       Address address

              The address that Pound will connect to. This can be a numeric IP address, or a symbolic host name that must be resolvable at run-time. If the name cannot be resolved to a valid address, Pound will  assume  that

              it represents the path for a Unix-domain socket. This is a mandatory parameter.

 

       Port port

              The port number that Pound will connect to. This is a mandatory parameter for non Unix-domain back-ends.

 

       HTTPS [ "cert" ]

              The back-end is using HTTPS. If the optional parameter cert is specified, Pound will present this certificate to the back-end.

 

 

If it isn’t, your installed pound does not have that feature.  Don’t know what else to tell you.

 

Joe

 

From: Jean-Pierre van Melis [mailto:jp@mirmana.com]
Sent: Wednesday, February 08, 2012 10:19 AM
To: pound@apsis.ch
Subject: RE: [Pound Mailing List] HTTPS backend

 

Joe,

 

I tried that before....

I'm getting this error message....

 

 

Start service "pound" (/etc/rc2.d/S20pound)

service: Start service: "pound" (/etc/rc2.d/S20pound)

* Starting reverse proxy and load balancer pound                                                                       starting...

line 47: unknown directive "                    HTTPS" - aborted


 


 

-----Original Message-----
From: Joe Gooch <mrwizard@k12system.com>
To: "'pound@apsis.ch'" <pound@apsis.ch>
Date: Wed, 8 Feb 2012 14:39:49 +0000
Subject: RE: [Pound Mailing List] HTTPS backend



See lines below.
Joe

> -----Original Message-----
> From: Jean-Pierre [mailto:jp@mirmana.com]
> Sent: Wednesday, February 08, 2012 8:52 AM
> To: pound@apsis.ch
> Subject: RE: [Pound Mailing List] HTTPS backend
>
> Hi Joe,
>
> I'm using 2.6f
>
> I did see the possibility to do a redirect, but this is AFAIK only
> possible outside the backend-scope.
>
> ListenHTTPS
>         Address 0.0.0.0
>         Port    4443
>
>         Cert       "/root/.ssh/cert.pem"
>         CAList     "/root/.ssh/godaddy-class2.pem"
>         xHTTP 3
>
>         Service "pfsense"
>                 BackEnd
>                         Address 82.172.139.149
>                         Port 61080
                          HTTPS
>                 End
>                 BackEnd
>                        Address 89.250.170.164
>                         Port 61080
                          HTTPS
>                 End
>                 BackEnd
>                         Address 89.250.169.117
>                         Port 61080
                          HTTPS
>                 End
>         End
> End
>
> This is my config...
> How should it look if these backends were https backend?
>
>
> -----Original message-----
> From: Joe Gooch <mrwizard@k12system.com>
> Sent: Tue 07-02-2012 22:45
> To: 'pound@apsis.ch' <pound@apsis.ch>;
> Subject: RE: [Pound Mailing List] HTTPS backend
>
>
> HTTPS backends were added in v2.5c... Are you having an issue
> configuring the feature, or are you using a pound that is older than
> that, or is it something else?
>
> Joe
> > -----Original Message-----
> > From: Jean-Pierre [mailto:jp@mirmana.com]
> > Sent: Tuesday, February 07, 2012 2:05 PM
> > To: pound@apsis.ch
> > Subject: [Pound Mailing List] HTTPS backend
> >
> > I've been using pound for a long while now.
> > I'm also using pound to terminate my HTTPS connection with a cheapo
> 1-
> > subdomain SSL-certificate.
> > Thanks to Pound I can have a few different machines using 1 IP and 1
> > subdomain.
> >
> > I now wanted to use pound to proxy my multi-WAN router.
> > The multi-WAN router uses several modems and with pound I will always
> > get a connection from a remote location because pound will only proxy
> > for connections that are UP. This way I don't need to remember IP's
> (I
> > can still do this as fallback).
> >
> > During configuration I realized for the first time that I can't proxy
> > to an SSL-connection.
> > I now switched to http remote access, but this means someone can get
> my
> > passwords....
> >
> > Is there a special reason why I can't use https-backend?
> > SSL-support is already there as a client...
> >
> > BTW... I only need SSL-encryption, not 3-rd party authentication.
> >
> > JP
> >
> >
> >
> > --
> > To unsubscribe send an email with subject unsubscribe to
> > pound@apsis.ch.
> > Please contact roseg@apsis.ch for questions.
>
> --
> To unsubscribe send an email with subject unsubscribe to
> pound@apsis.ch.
> Please contact roseg@apsis.ch for questions.

--
To unsubscribe send an email with subject unsubscribe to pound@apsis.ch.
Please contact roseg@apsis.ch for questions.