[stunnel-users] xforwardedfor in config
Brian Hatch
bri at stunnel.org
Sat Feb 2 22:13:32 CET 2008
Around 2008-01-31 16:58 -0500, Jill Rochelle growled:
> I am new to stunnel and the ssl world. I'm trying to get stunnel to work
> with haproxy for load balancing https requests. In the haproxy
> documentation it says that the stunnel.conf should look like this
>
> cert=/etc/stunnel/stunnel.pem
> setuid=stunnel
> setgid=proxy
>
> socket=l:TCP_NODELAY=1
> socket=r:TCP_NODELAY=1
>
> [https]
> accept=192.168.1.1:443
> connect=192.168.1.1:80
> xforwardedfor=yes
You're probably reading documentation from someone who's patched
stunnel to support X-Forwarded-For.
Quick google finds the following in some haproxy documentation
above a snippet like yours:
"By default, stunnel does not process HTTP and does not add any
X-Forwarded-For header, but there is a patch on the official
haproxy site to provide this feature to recent stunnel versions."
I'd suggest you find and apply that patch if that's the road
down which you wish to go.
--
Brian Hatch What's the best remote
Systems and administration tool for
Security Engineer Microsoft Windows?
http://www.ifokr.org/bri/ A car.
Every message PGP signed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20080202/861515ba/attachment.sig>
More information about the stunnel-users
mailing list