nanog mailing list archives

Re: Anyone using any Linux SSL proxies?

From: Stuart Henderson <stu () spacehopper org>
Date: Sun, 15 Mar 2009 22:53:14 +0000 (UTC)

On 2009-03-15, Mike Lyon <mike.lyon () gmail com> wrote:

Howdy,

I am wondering what folks are recommending/using these days for Linux SSL
proxies? I need to build a linux box that basically acts as an SSL offloader
would (like a BigIP / Cisco ACE / Netscaler would do). Listen on port 443,
decrypt the SSL and then forward the request onto the webserver on port 80.


Pound works ok for this. OpenBSD's relayd also supports this, and if it's
on a machine in the network path in front of the backend server/s, there's
a transparent mode that maintain the source IP address from the original
connection.

DSR is not required.


Just as well, if you think about it... :-)

Current thread:

Anyone using any Linux SSL proxies? Mike Lyon (Mar 14)
- Re: Anyone using any Linux SSL proxies? Valdis . Kletnieks (Mar 14)
  - Re: Anyone using any Linux SSL proxies? Charles Wyble (Mar 14)
- Re: Anyone using any Linux SSL proxies? Michael K. Smith (Mar 15)
  - Re: Anyone using any Linux SSL proxies? Adrian Chadd (Mar 15)
  - Re: Anyone using any Linux SSL proxies? Andy Davidson (Mar 18)
- Re: Anyone using any Linux SSL proxies? Stuart Henderson (Mar 15)