Re: load balancing with 2 HTTPS portal servers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Nedim,

As your configuration is at the moment you proxy the traffic coming on port 443 (SSL port) to the back end servers which means only the requests coming with https:// will work. What you need to do is just write a simple mod_rewrite rule to redirect the traffic from port 80 to 443 and all should work.

Igor

On Thu, Jul 9, 2009 at 10:01 PM, Tom Evans <tevans.uk@googlemail.com> wrote:
On Thu, 2009-07-09 at 12:24 +0300, Nedim Ozan Tekin wrote:
>
> Hi all,
> I have already two successfully working jboss portal servers.
> e.g. https://10.10.0.138:8443/portal
>      https://10.10.0.139:8443/portal they work, there is no problem..
>
> But now , what i want is to be able to use (in httpd.conf):
>
> ProxyPass / balancer://portalcluster/ stickysession=JSESSIONID|jsessionid
> nofailover=On
>
> <Proxy balancer://portalcluster>
>         BalancerMember https://10.10.0.138:8443 route=portaltomcat1
>         BalancerMember https://10.10.0.139:8443 route=portaltomcat1
> </Proxy>
>
> İ realised that, i cannot https server as a balancer member.
> İ already made ssl configuration (certificates related issues) on jboss
> portal , so i dont want/need to do in apache again the same certificate
> issues.
>
> So my problem is that :
> "How can i configure the load balancing(sticky) between two https servers?"
>
> Could you please help me?
>
> Nedim Ozan Tekin
> Systems Engineer
> Havelsan Corp.
> Ankara / TR
>

By putting https on the JBoss servers, you are protecting the
communication between the proxy and the JBoss servers. If you want to
protect the communication between user and proxy, then you need to
configure SSL on apache. Furthermore, since the proxy is not
10.10.0.138, you would require new certificates for the proxy, that are
correct for the hostname that the proxy responds to.

If you dont need to protect comms between proxy and JBoss, then just
drop the https from JBoss. There is no problem with having https
balancer members, but the certificates must match the host name. If you
continue to have proxy problems with https balancer members, then please
set LogLevel debug, and show us the error log resulting in one request
through the proxy.

Cheers

Tom


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux