Hi there,
ok I tried the with tls option and I can al least see relayd tries to
send the request to the webserver. I still cant get a proper response
from the webserver. When I do da simple rdr-to rule in pf it just works.
Do I need to do some magic that I miss still?
Regards
MArkus
Am 21.09.2017 um 07:19 schrieb rosjat:
> Hi Ronan,
>
> thanks for the hint I'll give it a try!
>
> regards
>
> Markus
>
> Am 20.09.2017 um 21:30 schrieb Ronan Viel:
>> Hi,
>> This kind of config works perfectly on my box. I am not sure SNI has
>> something to do here as relayd terminates the https connection, gets
>> all the headers and reopens a new one.
>> I just think you forgot the "with tls" in your forward directive below:
>>
>> relay "proxyssl" {
>> listen on $gateway port https
>> protocol "httpproxy"
>>
>> forward with tls to <new-webserver> port https
>> }
>>
>> Do not forget to set a "ca file" in your protocol section if you want
>> relayd to check the certificate of your target's server (see
>> relayd.conf man).
>>
>> Ronan
>>
>
--
Markus Rosjat fon: +49 351 8107223 mail: rosjat@ghweb.de
G+H Webservice GbR Gorzolla, Herrmann
Königsbrücker Str. 70, 01099 Dresden
http://www.ghweb.de
fon: +49 351 8107220 fax: +49 351 8107227
Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before
you print it, think about your responsibility and commitment to the
ENVIRONMENT
No comments:
Post a Comment