SSL

Gerhard Schmidt schmidt at ze.tum.de
Mon Mar 14 08:45:06 CET 2011


Am 10.03.2011 16:41, schrieb Poul-Henning Kamp:
> In message <20110310152918.GJ1675 at vent.lifeintegrity.localnet>, Allan Wind writ
> es:
>> Is the current thinking still that SSL support will not be 
>> integrated into varnish? 
> 
> Yes, that is current thinking.  I can see no advantages that outweigh
> the disadvantages, and a realistic implementation would not be
> significantly different from running a separate process to do the
> job in the first place.

stunnel has the disatwantage that we loose the clientIP information.
Intigration of SSL in varnish wouldn't have this problem.

with pound thios can be fixen by analysing the forewarded-for header but isn't
that elegant.

Regards

  Estartu

-- 
----------------------------------------------------------
Gerhard Schmidt                | E-Mail: schmidt at ze.tum.de
Technische Universität München | Jabber: estartu at ze.tum.de
WWW & Online Services          |
Tel: +49 89 289-25270          | PGP-PublicKey
Fax: +49 89 289-25257          | on request

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 544 bytes
Desc: OpenPGP digital signature
URL: <https://www.varnish-cache.org/lists/pipermail/varnish-misc/attachments/20110314/75e958e7/attachment-0003.pgp>


More information about the varnish-misc mailing list