search for: sslproxyengine

...meVirtualHost 192.168.1.5:444 <VirtualHost 192.168.1.5:444> ServerName myweb01.local.domain ErrorLog logs/ssl_error.log CustomLog logs/ssl_access.log combined CustomLog logs/ssl_request.log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" LogLevel info SSLEngine on SSLProxyEngine On SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!ADH:!EXPORT56:!EXP:!eNULL:!aNULL:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2 SSLCertificateFile /etc/httpd/certs/server.crt SSLCertificateKeyFile /etc/httpd/certs/server.key ProxyRequests Off ProxyPreserveHost On ProxyPass / http://192.168.1.5:5100...

...rder allow,deny allow from all </Directory> SetEnvIf X-SSL-Subject "(.*)" SSL_CLIENT_S_DN=$1 SetEnvIf X-Client-Verify "(.*)" SSL_CLIENT_VERIFY=$1 SetEnvIf X-Forwarded-For "(.*)" REMOTE_ADDR=$1 SetEnvIf X-Forwarded-Proto "https" HTTPS=1 SSLProxyEngine On # Proxy all requests that start with things like /production/certificate to the CA ProxyPassMatch ^/([^/]+/certificate.*)$ https://puppetlb.aws.*.co.nz:8141/$1 Errorlog /var/log/httpd/puppetmaster.error.log CustomLog /var/log/httpd/puppetmaster.access.log combined </VirtualHost>...

HI all, I am currently setting up a HA devops configuration using puppet. I want to be able to run a single puppet master as the CA and the rest act as peering puppet masters. I have each puppet master running on passenger and I am proxying the SSL requests to the CA server following: http://docs.puppetlabs.com/guides/scaling_multiple_masters.html#option-2-redirect-certificate-traffic

...irtualHost 192.168.1.5:444> > ServerName myweb01.local.domain > ErrorLog logs/ssl_error.log > CustomLog logs/ssl_access.log combined > CustomLog logs/ssl_request.log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" > LogLevel info > SSLEngine on > SSLProxyEngine On > SSLProtocol -ALL +SSLv3 +TLSv1 > SSLCipherSuite ALL:!ADH:!EXPORT56:!EXP:!eNULL:!aNULL:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2 > SSLCertificateFile /etc/httpd/certs/server.crt > SSLCertificateKeyFile /etc/httpd/certs/server.key > ProxyRequests Off > ProxyPreserveHost On >...

...tays! Have put the following in apache ssl config: <VirtualHost *:443> ServerName codegarden.co.uk:443 ProxyPass / http://localhost:4003/ ProxyPassReverse / http://localhost:4003/ ProxyPreserveHost On RequestHeader set X_FORWARDED_PROTO ''https'' SSLEngine on SSLProxyEngine On SSLCertificateFile /var/ssl/public_ssl.cert SSLCertificateKeyFile /var/ssl/private_ssl.key </VirtualHost> where codegarden is my domain name. I have searched and searched, found some similar problems but no solution so far! any help much appreciated. many thanks adam --~--~----...

I''m looking for a way to run more than one puppetmaster on the same server under passenger. Most of the puppet CPU load is waiting for the catalogs to compile. This also seems to be mostly what takes large amounts of RAM. I have storedconfigs on. I want to be able to move the fileserver to a different pool of puppetmaster processes. Is there an easy way to tell the client, either in

Yep, maybe using ssl offloading devices like (BigIP) that receives tls1.2 and tlsv1.2 and then re-encrypts traffic with tls1.0 might be "cheapest" solution. -- Eero 2015-04-17 14:15 GMT+03:00 Johnny Hughes <johnny at centos.org>: > On 04/16/2015 05:00 PM, Eero Volotinen wrote: > > in fact: modgnutls provides easy way to get tlsv1.2 to rhel 5 > > > > -- >

I am trying to move a Rails application, that uses SSL, from an Apache/FastCGI stack, that works fine, to Apache22 and mongrel working with a single mongrel instance (i.e., not mongrel cluster, yet.) I have a single mongrel instance demonized and working fine on http, on port 3000. Apache/OpenSSL/certs working fine. Here is my test http.conf (deliberately kept as simple as possible):