SSL对负载平衡的工作方式有什么影响?我知道,如果您选择不将会话信息存储在数据库或进程外,则需要使用粘性会话,但这对SSL有何影响?
只是为了澄清一下,SSL/TLS会话与HTTP会话无关。(有些实现可能使用SSL/TLS会话ID作为维护HTTP会话的基础,但这是一个糟糕的设计,因为SSL/TLS可能会完全独立于HTTP的操作来更改会话)。
在负载平衡方面,您可以选择以下几个选项:
使用作为SSL/TLS端点的负载平衡器。在这种情况下,负载平衡将在HTTP级别完成:客户端连接到负载平衡器,负载平衡器打开SSL/TLS连接,将HTTP内容(然后清除)传递给其工作人员。
使用TCP/IP级别的负载均衡器,它将整个TCP连接直接重定向到工作节点。在这种情况下,每个工作节点都必须具有证书和私钥(如果它们被一致地重新管理,这不一定是问题)。使用这种技术,负载均衡器根本不进行任何HTTP处理(因为它不在SSL/TLS连接中查看):一方面,这减少了负载均衡器本身进行的处理,另一方面,它会阻止您根据URL结构向特定的工作节点进行调度。这两种方法各有优缺点。
I have SSL on my website....when the user logs in from a http page the form action is sent to https page, would this still secure the posted data? Or would it be better to have the form and the page ...
Iam using HTTPClient 4.0 to connect a remote server and transfer file using HTTPS. When i tried to connect i get the exception "java.net.SocketException: Unconnected sockets not implemented". Please ...
We ve deployed our rails app to EC2. In our setup, we have two proxies on small instances behind round-robin DNS. These run nginx load balancers for a dynamically growing and shrinking farm of web ...
I m using the Spring RESTTemplate on the client side to make calls to a REST endpoint. The client in this case is a Spring app and Tomcat is the servlet container. I m running into issues making a ...
As far as I understand, https is http plus SSL/TLS. What do I need to do if I want to add 3 more parameters for the header? I found a file inside Mozilla s NSS - ssl3ext.c, but I don t understand it ...
Consider the following sample code which uses a TrustManager to log whether an outgoing connection used a valid certificate (but accept the connection in all cases): import java.security.*; import ...
I m trying to use Hudson (which uses SVNKit) to access a Subversion repository that requires a client certificate to access it. I can access the same repository using the same client certificate via ...
I m trying to send emails from a python script with smtplib, and it works with no problems with smtp through Exchange 2003, but with Exchange 2007 shows: SMTPException: No suitable authentication ...
