On 4/30/07, wi <icebattle@xxxxxxxxx> wrote:
Hi all I have an Apache instance that is functioning as a reverse proxy for our app server. For standard http, this works fine. However, we'd like to send SSL traffic through the proxy to the back end server. I don't want to decrypt the traffic at the Apache instance, just re-route it to the back end? I can't seem to find a way to do this, without doing the decryption. Is mod_proxy up for this?
I don't think you can reverse-proxy ssl. Since everything is encrypted, there is nothing for a reverse-proxy to handle -- just a raw stream of bytes. For a forward proxy, this is handled using the CONNECT method; but obviously the client needs to know about the proxy to use that. Luckily there is an easy alternative. Just use "port forwarding" at the OS or firewall-level. Since there is no processing that can be done at the apache-level (due to the encryption) you don't lose anything by doing simple port-forwarding. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|