[TriLUG] SSL Certs
Joseph Mack
mack.joseph at epa.gov
Sun Oct 24 09:18:38 EDT 2004
Jeremy Portzer wrote:
>
> Another thing to think about is if the Cisco Local Director can support
> SSL on that box itself. I don't know much about this particular
> equipment, but I understand that some load-balancing hardware can host
> the SSL certificate on the balancer itself, and then forward the HTTP
> requests on to the internal machines. (In this sense it is acting as a
> reverse proxy server of sorts.) This off-loads the SSL processing from
> your machines, allowing them to spend more CPU cycles on the actual
> application. The machines just see "normal" port 80 requests in this
> case.
In the LVS project we're encouraging people to do the encryption/decryption
on the individual servers. That way the load balancer is just routing
and rather than doing SSL work for all the backend machines.
Joe
--
Joseph Mack PhD, High Performance Computing & Scientific Visualization
LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007
Federal Contact - John B. Smith 919-541-1087 - smith.johnb at epa.gov
More information about the TriLUG
mailing list