| Summary | allow for hardware ssl termination |
| Queue | Horde Framework Packages |
| Queue Version | HEAD |
| Type | Enhancement |
| State | Resolved |
| Priority | 1. Low |
| Owners | |
| Requester | adrieder (at) sbox (dot) tugraz (dot) at |
| Created | 7/19/07 (6921 days ago) |
| Due | 7/19/07 (6921 days ago) |
| Updated | 8/3/07 (6906 days ago) |
| Assigned | |
| Resolved | 8/3/07 (6906 days ago) |
| Milestone | |
| Patch | No |
State ⇒ Resolved
New Attachment: conf.xml.2.patch
New Attachment: Crypt.php.2.patch
the safe-ip-net-list, and simply make it a "consider all connections
safe" item, there's no need to make a connection to hw accel cards.
ranges to not require SSL connections for passphrases. Can't you use
that one?
that's visible to Horde?
termination of the ssl connection is donw transparently by the
loadbalancers crypto card, so the webservers see the real client IPs.
State ⇒ Feedback
ranges to not require SSL connections for passphrases. Can't you use
that one? Or isn't the hardware accelerator the IP client address
that's visible to Horde?
New Attachment: Crypt-php.patch
Priority ⇒ 1. Low
State ⇒ New
New Attachment: conf.php.patch
Queue ⇒ Horde Framework Packages
Due ⇒ 7/19/07
Summary ⇒ allow for hardware ssl termination
Type ⇒ Enhancement
terminate the ssl connections in front of the webservers, so that the
webserver do not have to care about ssl en/decryption. This means,
that they just get to deal with plain HTTP and the Horde framework
won't let a client to submit gpg-passphrases because it see only the
plain connection.
The following patches allow a config setting for hardware ssl termination.
Note people should set $conf['use_ssl'] = 1 in their config, to make
sure that all urls are generated as https://...