trafficserver-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Peach <jpe...@apache.org>
Subject Re: SSL Termination in Forward proxy mode.
Date Thu, 12 Dec 2013 04:43:21 GMT
On Dec 11, 2013, at 9:49 AM, Vikram <mvikramaditya@yahoo.com> wrote:

> Thanks Alan. It does look like I have to jump through a few hoops to get this working.
> 
> I might actually go have a look at the code to see why this is not possible out of the
box with ATS. Seems like a useful feature to have. Squid does this through SslBump I believe.
I am new to the ATS code, so any pointers as to where I can start looking will be appreciated.

Certificate selection (mostly) happens in ssl_servername_callback(), see <https://github.com/apache/trafficserver/blob/master/iocore/net/SSLUtils.cc#L162>.
Ideally, this would be plumbed through to the plugin API, but the synchronous API model is
not a great fit for that.

> 
> If anyone else has any insights as to whether there is an easier way, thats appreciated
too :)
> 
> Thanks,
> Vikram


Mime
View raw message