Re: [lvs-users] SSL forwarding problem.

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] SSL forwarding problem.
From: Graeme Fowler <graeme@xxxxxxxxxxx>
Date: Thu, 27 Mar 2008 09:44:55 +0000

On Tue, 2008-03-25 at 15:07 -0700, Chuck Cochems wrote:
> I've got port 80 fine, but port 433 doesn't seem to want to cooperate.

OK... you need to provide a bit more information to solve this one.

> The port in fact DOES get forwarded, as verified by telnetting to it, 
> but any browser I use simply hangs and never completes the connection.

When you say "verified", what do you mean? Do you see forwarded packets
on the realservers on port 443?

> The plan is of course to share the same key on all virtual servers, 
> since they have the "same domain name"

Heh. If you're using a commercial certificate, make sure you pay the
multiple license fee for this or they'll come for your children ;-)

<snip config>

Most of that makes sense, apart from...

> Note that I have it checking port 80 for the SSL forward check. This is 
> to avoid the checker having to key negotiate.

If I were you, I'd make the checker go through that or it isn't really
testing the secure service. It isn't *that* much of an overhead.

Can you send us the output from "ipvsadm -L -n" when ldirectord is
running, please?
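
The difference between a telnet-style connect test and a check that actually negotiates SSL on the service port, as an added example that is not part of the original message. The loopback listener is a constructed stand-in for a real server that accepts connections but never completes the handshake, and the function names are hypothetical.

```python
import socket
import ssl
import threading

def start_stalled_listener():
    """Constructed stand-in for a broken HTTPS real server: it accepts TCP
    connections on a loopback port but never answers the TLS ClientHello."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    held = []  # keep accepted sockets open so the client hangs instead of resetting

    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return  # listener was closed
            held.append(conn)

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, srv.getsockname()[1]

def connect_check(host, port, timeout=2.0):
    """What telnet proves: the TCP three-way handshake completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def tls_check(host, port, timeout=2.0):
    """What a browser needs: a completed TLS handshake on the service port."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # real servers are probed by IP address
    ctx.verify_mode = ssl.CERT_NONE  # liveness probe only, not certificate validation
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw) as tls:
                return tls.version() is not None
    except (OSError, ssl.SSLError):  # a handshake timeout surfaces as OSError
        return False

if __name__ == "__main__":
    listener, port = start_stalled_listener()
    print("connect check:", connect_check("127.0.0.1", port))
    print("TLS check:    ", tls_check("127.0.0.1", port, timeout=1.0))
    listener.close()
```

A checker that only connects, or that probes port 80, reports this server as healthy; only the handshake check marks it down.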


