15 Mar
2009
15 Mar
'09
6:53 p.m.
On 2009-03-15, Mike Lyon <mike.lyon@gmail.com> wrote:
Howdy,
I am wondering what folks are recommending/using these days for Linux SSL proxies? I need to build a linux box that basically acts as an SSL offloader would (like a BigIP / Cisco ACE / Netscaler would do). Listen on port 443, decrypt the SSL and then forward the request onto the webserver on port 80.
Pound works ok for this. OpenBSD's relayd also supports this, and if it's on a machine in the network path in front of the backend server/s, there's a transparent mode that maintain the source IP address from the original connection.
DSR is not required.
Just as well, if you think about it... :-)