Perbal and Stunnel

Brad Fitzpatrick brad at danga.com
Mon Jan 16 18:16:31 UTC 2006 

Look into Apache 2.2.  I understand its mod_proxy is much less lame than
previously.

- Brad

On Mon, 16 Jan 2006, Kevin Minnick wrote:

> Brad,
>
> Yes, 100 different IP addresses.  We host SSL sites for many different
> companies, each with their own SSL cert.  We currently use Apache, but
> the problem is we want to be able to send static SSL requests to one
> set of backend servers and dynamic SSL requests to another set of
> backend servers.  We could use mod_proxy but I like all of the
> features of Perlbal.
>
> If mod_proxy supported an easy way (or any way) to:
> 1.  Detect a backend server failure
> 2.  Load Balance backend servers
>
> I would use that since it does support SSL nicely.
>
> On a side note, I looked at the code for IO::Socket::SSL but I could
> not figure out how to get passed the blocking issue, but I'm by no
> means a skilled perl programmer.
>
> Thanks,
> Kevin
>
> On 1/16/06, Brad Fitzpatrick <brad at danga.com> wrote:
> > Kevin,
> >
> > Perlbal's native SSL support hasn't been improved since that post, sorry.
> > It was never supposed to have SSL but then that IO::Socket::SSL made it so
> > tempting.  Unfortunately it blocks and I haven't had time/need to look
> > into it.
> >
> > Not sure how you'd run 100+ stunnel instances .... would you need 100
> > different IP addresses?  I don't know the protocol details of SSL well.
> >
> > What are you currently using, and what's wrong with it?  I assume Apache?
> >
> > - Brad
> >
> >
> > On Mon, 16 Jan 2006, Kevin Minnick wrote:
> >
> > > Hello,
> > >
> > > I'm looking into using Perlbal on a highly trafficked site that uses
> > > multiple SSL certificates.  Perlbal looks great, but when I was
> > > researching SSL support, I ran across this thread:
> > >
> > > http://lists.danga.com/pipermail/perlbal/2005-November/000140.html
> > >
> > > I was wondering if there were any known workarounds.  If not, I was
> > > wondering if running multiple instances of stunnel in front of Perlbal
> > > would be a sufficient workaround?
> > >
> > > We currently have over 100 certificates that need to be supported.
> > >
> > > I searched the list archives but was unable to find anything.  Any
> > > help is much appreciated.
> > >
> > > Thanks,
> > > Kevin
> > >
> > >
> >
>
>

More information about the perlbal mailing list