[ale] apache, ssl, DMZ, brain calcification

James P. Kinney III jkinney at localnetsolutions.com
Wed Aug 24 18:15:53 EDT 2005


I am looking at setting up an ssl-enabled web server in the dmz. As I
only have a few real IP addresses, I am looking at using internal IP
(10.0.*) addresses to handle the ssl-cert requirements of unique IP for
each namespace.

What I'm stumped on is how to get https://name1 AND https://name2 to
both get through the firewall and point to the correct virtual interface
IP address on the DMX server. Do I need to write a userspace tool that
interfaces with iptables to read the server name from the IP stack?

Can this be done with an apache proxy on the firewall?
-- 
James P. Kinney III          \Changing the mobile computing world/
CEO & Director of Engineering \          one Linux user         /
Local Net Solutions,LLC        \           at a time.          /
770-493-8244                    \.___________________________./
http://www.localnetsolutions.com

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part




More information about the Ale mailing list