current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Webmasters Stack Exchange is a question and answer site for pro webmasters. It's 100% free, no registration required.

Sign up
Here's how it works:
  1. Anybody can ask a question
  2. Anybody can answer
  3. The best answers are voted up and rise to the top
up vote 1 down vote favorite

Currently I am using Haproxy to route my application which has a websocket back end and an Apache back end.

I have configured Apache's virtual host to use SSL. Now I'm confused like do I have to configure Haproxy to use SSL connection and send encrypted data to SSL enabled Apache or terminate SSL at Haproxy and send unencrypted data to Apache (do I have to disable the SSL on Apache in this case?)

share|improve this question
    
Haproxy is the only public-facing server, correct? If yes, that's what you must configure to use SSL. Try Mozilla's configuration generator for examples. Best practice is to also protect the connection between your Haproxy server and any backends, especially if these exist on different machines. You can use SSL for that too, but in that situation you can use self-signed certificates since those connections are not public-facing. – Tom Brossman Feb 17 at 9:43
    
You say your site has both a web socket back end and an Apache back end. What is the front end? – Stephen Ostermiller Feb 17 at 10:37
    
Mobile Apps on Android and iOS – Rajat Saxena Feb 17 at 10:38

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Browse other questions tagged or ask your own question.