Article delegate-en <_A306@delegate-en.ML_>
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[delegate-en/306] [Reference:<_A303@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: SSLWAY difficulties
26 Feb 1999 05:18:16 GMT ysato@etl.go.jp (Yutaka Sato)


On 02/25/99(08:13) you "LAIDMAN,Jeremy" <pf4aqbdyi.ml@ml.delegate.org> wrote
in <_A303@delegate-en.ML_>
 |I am trying to use SSLWAY as a pure SSL proxy that performs decryption
 |and encryption between both sides:
 |
 |               [--------------------------]
 |[Client]======>[delegate->sslway          ]
 |        (https)[             |            ]
 |               [             |(http)      ]
 |               [             V            ]
 |               [          sslway->delegate]======>[server]
 |               [--------------------------](https)
 |
 |So there will be SSL from client to delegate on client side, unencrypted
 |HTTP within the proxy and SSL to the server.
 |The examples given don't seem to work for me.  I've tried the following:

I have never made any example for such usage. The simplest way to do
it is applying SSLway for both direction to client and to server in a
single DeleGate like this:

  % delegated -P443 \
       SERVER=https MOUNT="/* https://server/*" \
       FCL=sslway FSV=sslway

Note that you can omiit "-ac" or "-co" option for sslway when you call
sslway in FCL or FSV.

By the way, testing this example I found that
  SERVER=https://server
does not work in this case which must be the same functionality with:
  SERVER=https MOUNT="/* https://server/*"
This must be fixed in the next release.

Cheers,
Yutaka
--
Yutaka Sato <ysato@etl.go.jp> http://www.etl.go.jp/~ysato/   @ @ 
Computer Science Division, Electrotechnical Laboratory      ( - )
1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan            _<   >_

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V