I posted a couple weeks ago about my relayd configuration and how it seemed
that it was not relaying traffic. Since then I have been trying to simply
the configuration and make *something* work. I was successful in getting
relayd to listen on port 80 and forward traffic to a group of other web
servers on port 80. However, I haven't been able to do anything more
complicated than that.
Right now I am trying to listen on port 443 for incoming connections and
relay them to a group of web servers that are listening on port 443. Most
of the time, nothing happens. It just seems to hang there. However, I did
manage to get a useful error from a web server the other day.
"Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please."
Is there something in my configuration file that I need to specify to ensure
that https requests are sent to the servers? I've looked at a few examples
online and I haven't seen anything that fits the bill. Here is my
relayd.conf file
table <ssl_server> { www.mnsu.edu, secure.mnsu.edu }
web_port="80"
ssl_port="443"
bge0_ip="134.29.32.88"
interval 10
timeout 200
prefork 5
log updates
http protocol "httpfilter" {
# TCP Performance options
tcp { nodelay, sack, socket buffer 65536, backlog 100 }
# Return HTTP/HTML error pages
return error
# allow logging of remote client ips to internal web servers
header append "$REMOTE_ADDR" to "X-Forwarded-For"
# Set keep alive timeout to global timeout
header change "Keep-Alive" to "$TIMEOUT"
# Close connection upon receipt
header change "Connection" to "close"
# Anonymize webservers name/type
response header change "Server" to "Something"
# SSL options
ssl { sslv3, tlsv1, ciphers "HIGH:!ADH", no sslv2 }
}
relay web_proxy {
listen on $bge0_ip port $ssl_port ssl
protocol "httpfilter"
forward to <ssl_server> port $ssl_port mode loadbalance check https "/"
code 200
}
