On Tue, Aug 17, 2010 at 02:36:00AM +0200, hapr...@serverphorums.com wrote: > Although I now have another solution in place, I'm still wondering if I > could make haproxy work for me as a backup solution. > > I know that I can terminate SSL with stunnel and then send data on unecrypted > to haproxy, but is there a utility that I can use to re-encrypt with before > sending on to my app servers? So ..... > > packets from internet---->stunnel----->haproxy (cookie insert for session > affinity)------>re-encrypt----->app server(s)?
yes, stunnel does support that too (client mode instead of server mode). It can even be the same process with new entries in its config file. > I know that this is an awkward way to do things, but I am at the mercy of my > application vendor. sometimes you have no choice and stunnel is quite handy for that. Regards, Willy