Security Basics mailing list archives
Re: SSL Reverse Proxy
From: Daniel Williams <dwilliams () datainventory com>
Date: Tue, 29 Apr 2003 17:55:39 -0400
Question, is server A and B configured for https or http? If server A and B are configured to use http, then you could use Apache.Apache would terminate your https connections to mydomain.com, then use mod_proxy to redirect to servers A and B. Here is an example Apache 1.3.x config, from Apache's online manual, http://httpd.apache.org/docs/mod/mod_proxy.html#proxypassreverse
SSL server config, hosting https://mydomain.com/ ProxyPass /appA/ http://appA.mydomain.com/ ProxyPassReverse /appA/ http://appA.mydomain.com/ ProxyPass /appB/ http://appB.mydomain.com/ ProxyPassReverse /appB/ http://appB.mydomain.com/ This may help. Andrea Cogliati wrote:
Guys, We are looking for a reverse-proxy supporting both http and https, capable of terminating the client connections and redirecting the requests based on URL (something like MS ISA); caching would be nice to have but, definitely, not mandatory; must run on OpenBSD and/or Linux. We already know the security implications of this approach. We basically need to share the same SSL certificate and the same DNS name between two different servers. That is, https://mydomain.com/appA and https://mydomain.com/appB, where requests to the first URL will be handled by server A, and those to the latter by server B. Any hints? Thank you in advance for any advice. Andrea ---------------------------------------------------------------------------Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-security-basics ----------------------------------------------------------------------------
---------------------------------------------------------------------------FastTrain has your solution for a great CISSP Boot Camp. The industry's most recognized corporate security certification track, provides a comprehensive prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization of pertinent security tools. For a limited time you can enter for a chance to win one of the latest technological innovations, the SEGWAY HT. Log onto http://www.securityfocus.com/FastTrain-security-basics ----------------------------------------------------------------------------
Current thread:
- SSL Reverse Proxy Andrea Cogliati (Apr 28)
- Re: SSL Reverse Proxy Vic Parat (NSS) (Apr 29)
- Re: SSL Reverse Proxy Daniel Williams (Apr 30)
- <Possible follow-ups>
- RE: SSL Reverse Proxy Rivera Alonso, David (Apr 29)
- RE: SSL Reverse Proxy Lucas Zaichkowsky (Apr 29)
- RE: SSL Reverse Proxy Andrea Cogliati (Apr 30)