You could use a wildcard SSL cert and redirect to
https://secure.*.tld:/patcha/patchb/file then make your determination
based on the hostname.
The extra $100 cert is a lot less expensive than Radware AppXcel for sure.
On Fri, 23 Nov 2007, Matt Bullock wrote:
Date: Fri, 23 Nov 2007 18:06:12 -0800
From: Matt Bullock <[EMAIL PROTECTED]>
Reply-To: users@httpd.apache.org
To: users@httpd.apache.org
Subject: RE: [EMAIL PROTECTED] Redirect to HTTPS using Load Balancer/SSL Offload
Eric,
That definitely seems like the reason the redirect keeps looping. Every
example I have seen has involved {SERVER_PORT} (is or isn't) 443 as a
RewriteCond, but I haven't found a way to let apache know if the current
session between the client and the load balancer is being encrypted or
not.
Brian,
I am using a Barracuda, which is far cheaper, and has far less features
than some of the other vendors like Radware, F5 and Cisco LocalDirector.
I will find out if it there is a way for the barracuda to let apache
know its current offload status so it can differentiate between each
request.
Matt
-----Original Message-----
From: Brian A. Seklecki [mailto:[EMAIL PROTECTED]
Sent: Friday, November 23, 2007 5:36 PM
To: Eric Covener
Cc: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Redirect to HTTPS using Load Balancer/SSL
Offload
Radware has some nice header rewriting features in its SSL accelerator
package.
~BAS
On Fri, 23 Nov 2007, Eric Covener wrote:
Date: Fri, 23 Nov 2007 20:25:30 -0500
From: Eric Covener <[EMAIL PROTECTED]>
Reply-To: users@httpd.apache.org
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] Redirect to HTTPS using Load Balancer/SSL
Offload
On Nov 23, 2007 7:59 PM, Matt Bullock <[EMAIL PROTECTED]> wrote:
Thanks for the reply. The redirect loops the requested page never
comes
up. The log prints the same thing over and over.
You said the LB does SSL offload. You haven't given apache any way to
distinguish when someone hits the LB via http or https, so it
redirects in both cases. Maybe your LB sets some additional header
in the case it handled SSL?
--
Eric Covener
[EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
