|
Niraj Patel wrote:
> I had the RS listening on the RIP before and then in the process of trying to
> get https working, I must have turned it off. http checks now work if RS is
> listening on the RIP. The implication seems to be that
>
> But now I have another problem, well more of a question really. Since https
> uses name resolution to pull the SSL cert, would I also need something like
> the following:
>
Name resolution is used to discover IP address not pull SSL certificates.
Client initiates a TCP connection to server IP address to receive the SSL
certificate. SSL will also work if you connect to IP directly in your browser
(in sence that encryption will take place).
> 1. a dns entry for each virtual host that maps a fqdn like web.abc.com to
> each of the RIPs (not really sure about this part)
> i.e. web.abc.com resolves to RIP1, RIP2, etc.
> 2. an SSL certificate for web.abc.com that's installed on each RS.
>
1 is not needed, ldirectord should be able to perform https checks to IP
directly.
2. you will need this of course
I run several apache ip based virtual servers on several RSs and test them
using ldirectord via http only even though they run https too. If https is
configured properly it will work whenever http does.
Jaro
|
