Monday, June 12, 2017

reverse ssl proxy, pound

*** setup information ****
            ssl                                            plain text
client -------> (192.168.58.75) pound   -----------------> web server

webserver ip: 10.0.0.4

1- install pound
$ sudo apt-get install pound

- to enable it, edit file /etc/default/pound to
startup=1

2- create pem if you don't have one, (you have crt and key file)
$ cat server.crt server.key > server1.com.pem


3- configure pound to act as ssl proxy, /etc/pound/pound.cfg
User        "www-data"
Group        "www-data"
LogLevel    1
Alive        30
Control "/var/run/pound/poundctl.socket"
ListenHTTPS
        Address 192.168.58.75
        Port    443
        Cert    "/etc/pound/server1.com.pem"
        Service
                BackEnd
                Address 10.0.0.10
                Port    80
                End
        End
End





4- restart pound and it is ready
$ sudo systemctl restart pound

No comments:

Post a Comment