Re: relayd.conf and multiple webservers on the inside
depending on your dns name flexability, another possible alternative is to use site names like bob.example.com and alice.example.com then you can run both via a single wildcard SSL cert "*.example.com" on the single IP address. /Pete On 14. apr. 2011, at 20:45, Matthew Dempsky wrote: > On Thu, Apr 14, 2011 at 11:36 AM, Matthew Dempsky wrote: >> On Thu, Apr 14, 2011 at 11:09 AM, Kevin Chadwick wrote: >>> Are you sure you want to do this. Do you want any ssl on these sites, >>> because you'll need ugly :port on your ssl urls if you do. >> >> Using Subject Alternative Names, you can get a single SSL certificate >> that covers multiple hostnames. > > Alternatively, if someone adds SNI support to relayd, then you could > still use multiple distinct SSL certificates as well. The version of > OpenSSL in base already supports SNI. > > Also, both of these solutions assume relayd is the SSL termination > point for both web sites. If instead you want the backends to be > responsible for handling SSL, then yeah, you need to use separate IP > addresses or ports.
Re: relayd.conf and multiple webservers on the inside
Quoting Fernando Clvarez : > Hi, > > Is there any way to enable a reverse proxy using relayd to redirect web > requests to different webservers depending on the http header? > > To clarify: (Internet) 1 IP address -> OpenBSD Box -> 2 Web servers > (LAN) > If I point to www.server1.com be redirected to webserver 1, and if I go > to > www.server2.com be redirected to webserver2, using the same IP on both > domain names. > > As relayd.conf protocol section filters to one destination, and relay > section then applies only one defined protocol, I have no idea on how > to > achieve this. Don't think so, no. Things might have moved on since this from Stuart, so I'd love to be told I'm wrong! http://marc.info/?l=openbsd-misc&m=126278061325299&w=2 > > Thank you in advance,
Re: relayd.conf and multiple webservers on the inside
On Thu, Apr 14, 2011 at 11:36 AM, Matthew Dempsky wrote: > On Thu, Apr 14, 2011 at 11:09 AM, Kevin Chadwick > wrote: >> Are you sure you want to do this. Do you want any ssl on these sites, >> because you'll need ugly :port on your ssl urls if you do. > > Using Subject Alternative Names, you can get a single SSL certificate > that covers multiple hostnames. Alternatively, if someone adds SNI support to relayd, then you could still use multiple distinct SSL certificates as well. The version of OpenSSL in base already supports SNI. Also, both of these solutions assume relayd is the SSL termination point for both web sites. If instead you want the backends to be responsible for handling SSL, then yeah, you need to use separate IP addresses or ports.
Re: relayd.conf and multiple webservers on the inside
On Thu, Apr 14, 2011 at 11:09 AM, Kevin Chadwick wrote: > Are you sure you want to do this. Do you want any ssl on these sites, > because you'll need ugly :port on your ssl urls if you do. Using Subject Alternative Names, you can get a single SSL certificate that covers multiple hostnames.
Re: relayd.conf and multiple webservers on the inside
On Thu, 14 Apr 2011 18:06:13 +0200 Fernando Clvarez wrote: > To clarify: (Internet) 1 IP address -> OpenBSD Box -> 2 Web servers (LAN) > If I point to www.server1.com be redirected to webserver 1, and if I go to > www.server2.com be redirected to webserver2, using the same IP on both > domain names. Are you sure you want to do this. Do you want any ssl on these sites, because you'll need ugly :port on your ssl urls if you do. IPs should be cheap too. Another possibility is to have both web servers serving both sites with session tracking or are these seperately controlled/seperate owners.
relayd.conf and multiple webservers on the inside
Hi, Is there any way to enable a reverse proxy using relayd to redirect web requests to different webservers depending on the http header? To clarify: (Internet) 1 IP address -> OpenBSD Box -> 2 Web servers (LAN) If I point to www.server1.com be redirected to webserver 1, and if I go to www.server2.com be redirected to webserver2, using the same IP on both domain names. As relayd.conf protocol section filters to one destination, and relay section then applies only one defined protocol, I have no idea on how to achieve this. Thank you in advance,