httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jakub Moscicki <Jakub.Mosci...@cern.ch>
Subject [users@httpd] Re: reverse proxy choice to origin servers: https->https or https->http
Date Mon, 10 Feb 2014 14:15:13 GMT

Is it true that if proxy is setup https->http then it only has to
decrypt/encrypt the headers and the body is encrypted/decrypted on the backend?
What ? Eh, no. If you configure your frontend with https and your backends with http, then
you just told apache to NOT use SSL between mod_proxy and the backend servers. Only your frontends
will do SSL handshakes in this setup. That's pretty much SSL Offloading, maybe you got that
confused ?


Sorry, it was a typo of course. I mean: https->https. So if a proxy forwards https to the
backend which accepts https - then would the proxy decrypt the headers only or the entire
request? I am adding cookies at the proxy for stickyness so the proxy must be handling the
headers.

In my case http at the backend could be an option inside a trusted network.

kuba

--


Mime
View raw message