I followed the document to setup certs and keys for ATS. But it does not seem
to take these and terminate SSL in forward mode.
My understand with forward proxy is that UA sends a CONNECT command first, ATS
establishs a tunnel between UA and origin server.
My question is how is the termination happen? I think we need to make ATS
connect to itself when getting CONNECT command?
From: sudheervinuko...@yahoo.com At: 07/18/19 15:24:41To: Zhiyong Lin
(BLOOMBERG/ PRINCETON ) , dev@trafficserver.apache.org
Subject: Re: dev@trafficserver.apache.org
Hi Zhiyong,
SSL termination for ATS is not any different when ATS is being used as a
forward vs reverse proxy.
This might be a good start to configure SSL termination on ATS (if you've not
already read it) -
Security — Apache Traffic Server 9.0.0 documentation
Security — Apache Traffic Server 9.0.0 documentation
You can also navigate other linked docs in there for other aspects related to
ATS.
Good luck and we will be curious to hear your experiences in setting up.
- Sudheer
On Thursday, July 18, 2019, 12:18:47 PM PDT, Zhiyong Lin
(BLOOMBERG/ PRINCETON) <zl...@bloomberg.net> wrote:
Hi All,
We are setting up ATS as a forward proxy and try to examine both HTTP/HTTPS
traffic. For HTTPS we need to terminate ssl, and we find plugin certifier that
can dynamically generate certificate. We read through the certifier plugin's
document but still not sure how to setup ATS so that SSL termination in forward
proxy mode works. Any help will be appreciated.
Also is there any document of the whole flow of an HTTP/HTTPS request?
