LVS HTTPS SSL and Squid
horms at verge.net.au
Tue Aug 9 02:33:13 BST 2005
On Tue, Aug 09, 2005 at 10:29:10AM +0900, Horms wrote:
> On Mon, Aug 08, 2005 at 12:36:58PM -0700, Joseph Mack NA3T wrote:
> > On Mon, 8 Aug 2005, Brad Taylor wrote:
> > >Yes, a couple times and I understand parts of it but still getting a
> > >little confused. Doesn't seem to really answer the question below, but
> > >maybe I'm missing something?
> > just wanted to make sure. The situation isn't clear AFAIK
> > either. It's not like it comes up a lot and we've got it
> > down pat. Horms probably has the clearest point on the
> > matter which is not to have a separate SSL engine but to
> > have each realserver do its own decrypting/encrypting.
> > (I haven't done any of this myself.)
> Here is a descrition I wrote a while ago about SSL/LVS
> In a nutshell, you probably want to use persistance
> and have the real-servers handle the SSL decryption.
Actulally, using the lblc scheduler, or something similar,
might be another good solution to this problem.
More information about the lvs-users