Anyone using any Linux SSL proxies?

Michael K. Smith mksmith at adhost.com
Sun Mar 15 13:04:38 CDT 2009


Hello Mike:


On 3/14/09 9:56 PM, "Mike Lyon" <mike.lyon at gmail.com> wrote:

> Howdy,
> 
> I am wondering what folks are recommending/using these days for Linux SSL
> proxies? I need to build a linux box that basically acts as an SSL offloader
> would (like a BigIP / Cisco ACE / Netscaler would do). Listen on port 443,
> decrypt the SSL and then forward the request onto the webserver on port 80.
> DSR is not required.
> 
> Any suggestions?
> 
> Offlist replies would probably be more appropriate.
> 
> Thank You in advance.
> 
> Cheers,
> Mike

We use Apache with mod_security and mod_proxy to do this, although the
application is more as an application layer firewall than an SSL offloader.
It works well for lower traffic applications; I haven't tested it under the
loads that are advertised by the hardware vendors you mentioned.

Regards,

Mike






More information about the NANOG mailing list