Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
 |
GNU/Linux Basic Guide
This 255-page guide will provide you with the keys to understand the philosophy of free software, teach you how to use and handle it, and give you the tools required to move easily in the world of GNU/Linux. Many users and administrators will be taking their first steps with this GNU/Linux Basic guide and it will show you how to approach and solve the problems you encounter.
Click Here to receive this Complete Guide absolutely free. |
|
 |
01-21-2003, 04:07 AM
|
#1
|
|
LQ Newbie
Registered: Dec 2002
Location: India
Posts: 3
Rep: 
|
HTTP to HTTPS
I have a requirement to place a reverse proxy server and convert all internet traffic HTTP requests to HTTPS and forward it to the Web server in the DMZ. Is this possible to do using proxy servers available in the market? Who is the vendor and any issues in deploying such a configuration?
Thanks
Sadashiv
|
|
|
|
|
01-21-2003, 08:53 AM
|
#2
|
|
Guru
Registered: Jan 2001
Posts: 24,128
Rep: 
|
I don't know about proxy servers that are out on the market but couldn't you build your own proxy server with say, eh, your favorite Linux distro to do this job ? Might be less hassle in try to find a prebuilt one that could do this for you.
Just a thought.
|
|
|
|
|
01-21-2003, 12:25 PM
|
#3
|
|
Moderator
Registered: May 2001
Posts: 24,964
|
Only things come to mind right now are DeleGate and Apache's mod_ssl+mod_proxy. It think it's best you research issues yourself, I'm not familiar with your requirements.
|
|
|
|
|
01-21-2003, 06:09 PM
|
#4
|
|
Member
Registered: Dec 2002
Location: Xalapa, Ver. México
Distribution: Red Hat
Posts: 108
Rep:
|
You can bind the https service at port 80. Now all the request wana be https, good look
|
|
|
|
|
01-21-2003, 11:30 PM
|
#5
|
|
Guru
Registered: Apr 2002
Location: Atlanta
Distribution: Gentoo
Posts: 1,280
Rep:
|
aigartua, that sounds like a good idea, but doesnt ssl slow down the process, so doing that on pages taht might not need it would be wasteful, maybe not too noticeable but im not sure, a better solution would be to forward on the ages requred to https:// instead of all requests. but the proxy server part im not sure about either |
|
|
|
|
01-22-2003, 06:02 AM
|
#6
|
|
Moderator
Registered: May 2001
Posts: 24,964
|
I think he means conversion, like this:
Code:
CLIENT |FW | DMZ |
[http] <--> [SSLizer] <--> [https]
| | |
| | |
|
|
|
|
|
01-22-2003, 04:03 PM
|
#7
|
|
Member
Registered: Dec 2002
Location: Xalapa, Ver. México
Distribution: Red Hat
Posts: 108
Rep:
|
ok, you can make nat from you external ethernet port 80 to dmz ethernet ip_server_http:442
|
|
|
|
|
01-22-2003, 04:30 PM
|
#8
|
|
Member
Registered: Dec 2002
Location: Xalapa, Ver. México
Distribution: Red Hat
Posts: 108
Rep:
|
sorry, the https port is 443
|
|
|
|
|
01-31-2003, 04:29 AM
|
#9
|
|
LQ Newbie
Registered: Dec 2002
Location: India
Posts: 3
Original Poster
Rep:
|
Finally, I arrived to this solution.
Internet -->DMZ1-->DMZ2-->DMZ3-->Intranet
Reverse proxy in DMZ1 will route the HTTP traffic to DMZ2 and HTTPS traffic to DMZ3. This way separated the public access pages from the secure information.
Thanks for all your suggestions.
Sadashiv
|
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 06:55 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
