Andreas Doebeli thobens
thobens
/ gist:eb4ba2726d2dee763974
Created
October 3, 2014 23:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ListenHTTPS | |
| Address 127.0.0.1 | |
| Port 443 | |
| Cert "/path/to/mycert.pem" | |
| Service | |
| HeadRequire "Host: .*my.domain.com.*" | |
| BackEnd | |
| Address 10.0.0.3 | |
| Port 8443 | |
| End |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --2014-10-01 21:19:44-- https://localhost:8443/ | |
| Resolving localhost (localhost)... 127.0.0.1 | |
| Connecting to localhost (localhost)|127.0.0.1|:8443... connected. | |
| ERROR: cannot verify localhost's certificate, issued by â/C=CH/ST=XXX/L=XXX/O=Unknown/OU=Unknown/CN=*.domain.comâ: | |
| Self-signed certificate encountered. | |
| ERROR: certificate common name â*.domain.comâ doesn't match requested host name âlocalhostâ. | |
| To connect to localhost insecurely, use `--no-check-certificate'. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --2014-10-01 21:11:26-- https://my.domain.com/ | |
| Resolving my.domain.com (my.domain.com)... 5.9.147.56 | |
| Connecting to my.domain.com (my.domain.com)|5.9.147.56|:443... connected. | |
| ERROR: cannot verify my.domain.com's certificate, issued by â/C=US/ST=Somewhere/L=Somecity/O=CompanyName/OU=Organizational Unit Name (eg, section)/CN=Common Name (eg, YOUR name)/emailAddress=Email Addressâ: | |
| Self-signed certificate encountered. | |
| ERROR: certificate common name âCommon Name (eg, YOUR name)â doesn't match requested host name âmy.domain.comâ. | |
| To connect to my.domain.com insecurely, use `--no-check-certificate'. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 12 SessionOpen c 84.75.1.180 59161 0.0.0.0:443 | |
| 12 Debug c herding | |
| 12 SessionClose c timeout | |
| 12 StatSess c 84.75.1.180 59161 0 1 0 0 0 0 0 0 | |
| 0 CLI - Rd ping | |
| 0 CLI - Wr 200 19 PONG 1412190432 1.0 | |
| 0 CLI - Rd ping | |
| 0 CLI - Wr 200 19 PONG 1412190435 1.0 | |
| 12 SessionOpen c 84.75.1.180 59165 0.0.0.0:443 | |
| 12 Debug c herding |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" | |
| maxSpareThreads="75" enableLookups="false" uisableUploadTimeout="true" acceptCount="100" | |
| scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" SSLEnabled="true" | |
| keystoreFile="/path/to/jks" keystorePass="secure.pw" /> |