Hi All,
I try to construct the https loadbalancing
using Apache/1.3.26 Ben-SSL/1.48 (Unix) mod_backhand/1.2.1.
-----------------------------------------
Figure 1:
Client ------> Server1 -----> Server2
https(443) https(443)
-----------------------------------------
At first, I tried to configure like Figure1.
but I failed because of following errors
http error log:
[Fri Sep 10 21:30:12 2004] [error] SSL_accept failed
[Fri Sep 10 21:30:12 2004] [error] error:1407609C:SSL
routines:SSL23_GET_CLIENT_HELLO:http request
Then I attempted to Figure 2.
-----------------------------------------
Figure 2:
Client ------> Server1 -----> Server2
https(443) http(8081)
-----------------------------------------
To achieve Figure2,I configured backhand module
as follows and tested.
The test results looked fine.
But I still can't figure out the typical configuration
of backhand module in case of using https.
It is grateful if anyone explain the typical configuration.
Is following configuration correct for https settings?
@@@@@@ httpsd.conf of Server 1 @@@@@
Listen 443
Listen 8081
:
:
<Directory "/opt/FLIGHTssl/httpsd/htdocs">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
Backhand byRandom
Backhand byAge
Backhand byLoad
</Directory>
:
:
<IfModule mod_backhand.c>
UnixSocketDir /opt/FLIGHTssl/httpsd/backhand
MulticastStats 192.168.aaa.255:4446
AcceptStats 192.168.aaa.0/24
<Location "/LoadBalanceMonitor/">
SetHandler backhand-handler
</Location>
</IfModule>
:
:
<IfModule mod_alias.c>
ScriptAlias /cgi-bin/ "/opt/FLIGHTssl/httpsd/cgi-bin/"
<Directory "/opt/FLIGHTssl/httpsd/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
Backhand byRandom
Backhand byAge
Backhand byLoad
</Directory>
</IfModule>
:
:
<VirtualHost _default_:8081>
SSLDisable
</VirtualHost>
<VirtualHost _default_:443>
SSLCACertificatePath /opt/FLIGHTssl/httpsd/ssl
SSLCACertificateFile /opt/FLIGHTssl/httpsd/ssl/server.cert
SSLCertificateFile /opt/FLIGHTssl/httpsd/ssl/server.cert
SSLCertificateKeyFile /opt/FLIGHTssl/httpsd/ssl/secret-key.pem
SSLVerifyClient 0
SSLVerifyDepth 10
SSLFakeBasicAuth
DocumentRoot /opt/FLIGHTssl/httpsd/htdocs
</VirtualHost>
@@@@@@ end httpsd.conf of Server 1 @@@@@
@@@@@ httpsd.conf of Server2 @@@@@
Listen 443
Listen 8081
:
:
<Directory "/opt/FLIGHTssl/httpsd/htdocs">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
:
:
<IfModule mod_backhand.c>
UnixSocketDir /opt/FLIGHTssl/httpsd/backhand
MulticastStats 192.168.aaa.255:4446
AcceptStats 192.168.aaa.0/24
<Location "/LoadBalanceMonitor/">
SetHandler backhand-handler
</Location>
</IfModule>
:
:
<IfModule mod_alias.c>
ScriptAlias /cgi-bin/ "/opt/FLIGHTssl/httpsd/cgi-bin/"
<Directory "/opt/FLIGHTssl/httpsd/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
</IfModule>
:
:
<VirtualHost _default_:8081>
SSLDisable
</VirtualHost>
<VirtualHost _default_:443>
SSLCACertificatePath /opt/FLIGHTssl/httpsd/ssl
SSLCACertificateFile /opt/FLIGHTssl/httpsd/ssl/server.cert
SSLCertificateFile /opt/FLIGHTssl/httpsd/ssl/server.cert
SSLCertificateKeyFile /opt/FLIGHTssl/httpsd/ssl/secret-key.pem
SSLVerifyClient 0
SSLVerifyDepth 10
SSLFakeBasicAuth
DocumentRoot /opt/FLIGHTssl/httpsd/htdocs
</VirtualHost>
@@@@@ end httpsd.conf of Server2 @@@@@
Kind Regards.
------------------------
Hajime Hoshi System Consultant
FLIGHT System Consulting Inc. ( mailto: hhoshi@flight.co.jp )
_______________________________________________
backhand-users mailing list
backhand-users@lists.backhand.org
http://lists.backhand.org/mailman/listinfo/backhand-users
I try to construct the https loadbalancing
using Apache/1.3.26 Ben-SSL/1.48 (Unix) mod_backhand/1.2.1.
-----------------------------------------
Figure 1:
Client ------> Server1 -----> Server2
https(443) https(443)
-----------------------------------------
At first, I tried to configure like Figure1.
but I failed because of following errors
http error log:
[Fri Sep 10 21:30:12 2004] [error] SSL_accept failed
[Fri Sep 10 21:30:12 2004] [error] error:1407609C:SSL
routines:SSL23_GET_CLIENT_HELLO:http request
Then I attempted to Figure 2.
-----------------------------------------
Figure 2:
Client ------> Server1 -----> Server2
https(443) http(8081)
-----------------------------------------
To achieve Figure2,I configured backhand module
as follows and tested.
The test results looked fine.
But I still can't figure out the typical configuration
of backhand module in case of using https.
It is grateful if anyone explain the typical configuration.
Is following configuration correct for https settings?
@@@@@@ httpsd.conf of Server 1 @@@@@
Listen 443
Listen 8081
:
:
<Directory "/opt/FLIGHTssl/httpsd/htdocs">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
Backhand byRandom
Backhand byAge
Backhand byLoad
</Directory>
:
:
<IfModule mod_backhand.c>
UnixSocketDir /opt/FLIGHTssl/httpsd/backhand
MulticastStats 192.168.aaa.255:4446
AcceptStats 192.168.aaa.0/24
<Location "/LoadBalanceMonitor/">
SetHandler backhand-handler
</Location>
</IfModule>
:
:
<IfModule mod_alias.c>
ScriptAlias /cgi-bin/ "/opt/FLIGHTssl/httpsd/cgi-bin/"
<Directory "/opt/FLIGHTssl/httpsd/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
Backhand byRandom
Backhand byAge
Backhand byLoad
</Directory>
</IfModule>
:
:
<VirtualHost _default_:8081>
SSLDisable
</VirtualHost>
<VirtualHost _default_:443>
SSLCACertificatePath /opt/FLIGHTssl/httpsd/ssl
SSLCACertificateFile /opt/FLIGHTssl/httpsd/ssl/server.cert
SSLCertificateFile /opt/FLIGHTssl/httpsd/ssl/server.cert
SSLCertificateKeyFile /opt/FLIGHTssl/httpsd/ssl/secret-key.pem
SSLVerifyClient 0
SSLVerifyDepth 10
SSLFakeBasicAuth
DocumentRoot /opt/FLIGHTssl/httpsd/htdocs
</VirtualHost>
@@@@@@ end httpsd.conf of Server 1 @@@@@
@@@@@ httpsd.conf of Server2 @@@@@
Listen 443
Listen 8081
:
:
<Directory "/opt/FLIGHTssl/httpsd/htdocs">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
:
:
<IfModule mod_backhand.c>
UnixSocketDir /opt/FLIGHTssl/httpsd/backhand
MulticastStats 192.168.aaa.255:4446
AcceptStats 192.168.aaa.0/24
<Location "/LoadBalanceMonitor/">
SetHandler backhand-handler
</Location>
</IfModule>
:
:
<IfModule mod_alias.c>
ScriptAlias /cgi-bin/ "/opt/FLIGHTssl/httpsd/cgi-bin/"
<Directory "/opt/FLIGHTssl/httpsd/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
</IfModule>
:
:
<VirtualHost _default_:8081>
SSLDisable
</VirtualHost>
<VirtualHost _default_:443>
SSLCACertificatePath /opt/FLIGHTssl/httpsd/ssl
SSLCACertificateFile /opt/FLIGHTssl/httpsd/ssl/server.cert
SSLCertificateFile /opt/FLIGHTssl/httpsd/ssl/server.cert
SSLCertificateKeyFile /opt/FLIGHTssl/httpsd/ssl/secret-key.pem
SSLVerifyClient 0
SSLVerifyDepth 10
SSLFakeBasicAuth
DocumentRoot /opt/FLIGHTssl/httpsd/htdocs
</VirtualHost>
@@@@@ end httpsd.conf of Server2 @@@@@
Kind Regards.
------------------------
Hajime Hoshi System Consultant
FLIGHT System Consulting Inc. ( mailto: hhoshi@flight.co.jp )
_______________________________________________
backhand-users mailing list
backhand-users@lists.backhand.org
http://lists.backhand.org/mailman/listinfo/backhand-users