there is of course a tls to much in the config
its just
relay "proxyssl" {
listen on $gateway port https
protocol "httpproxy"
forward to <new-webserver> port https
}
Am 20.09.2017 um 10:19 schrieb rosjat:
> Hi there,
>
> just a simple question about the relaying of https connections. Is it
> possible to simple pass the https traffic to the webserver with relayd?
> My naive approach was simply checking the host name in the header and
> then forward it to http or https port. This works for http but with
> https it doesnt.
>
>
> here are my relayd.conf parts
>
>
> http protocol "httpproxy" {
>
> match request quick header "Host" value
> "random-domain1.tld" forward to <new-webserver>
> match request quick header "Host" value
> "random-domain2.tld" forward to <old-webserver>
>
> }
>
> relay "proxy" {
> listen on $gateway port http
> protocol "httpproxy"
>
> forward to <new-webserver> port http
> forward to <old-webserver> port http
>
> }
>
> relay "proxyssl" {
> listen on $gateway port https
> protocol "httpproxy"
>
> forward to <new-webserver> port https tls
> }
>
> with this I dont get a relay for https it seems, if I add tls to the
> listen part I got told relayd cant find the certificates. And that is
> totally understanable because there are no certs on this machine for
> these domains because the are on the webserver machine.
>
>
> So it all boils down to the question, do I have to set up my
> certificates on the relay host to be able to use a https relay ?
>
>
> regards
>
>
--
Markus Rosjat fon: +49 351 8107223 mail: rosjat@ghweb.de
G+H Webservice GbR Gorzolla, Herrmann
Königsbrücker Str. 70, 01099 Dresden
http://www.ghweb.de
fon: +49 351 8107220 fax: +49 351 8107227
Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before
you print it, think about your responsibility and commitment to the
ENVIRONMENT
No comments:
Post a Comment