You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Gaetan Njinang <ga...@gmail.com> on 2016/05/03 15:48:49 UTC
[users@httpd] I need to activate a NULL cipher in modssl
Hello,
Please, I have a problem. I need to activate NULL cipher in modssl.
I need to implement a strong authentication between two servers groups.
First group of servers: reverse proxies. Second group of servers: backend
application servers.
It is very important to not increase the load of reverse proxies (because
they are already overloaded - they will not support the price of ciphering
communications). So, I need to force the proxies servers and the backends
to negotiate a NULL cipher. Conceptually, it makes sense, since I just need
authentication.
Can someone help me on that, please ? Is it possible without recompiling
apache and/or the modssl ?
Thanks
Re: [users@httpd] I need to activate a NULL cipher in modssl
Posted by Daniel <df...@gmail.com>.
Have you tried setting it up with SSLProxyCipherSuite yet?
El mar., 3 may. 2016 a las 15:48, Gaetan Njinang (<ga...@gmail.com>)
escribió:
> Hello,
>
> Please, I have a problem. I need to activate NULL cipher in modssl.
>
> I need to implement a strong authentication between two servers groups.
> First group of servers: reverse proxies. Second group of servers: backend
> application servers.
> It is very important to not increase the load of reverse proxies (because
> they are already overloaded - they will not support the price of ciphering
> communications). So, I need to force the proxies servers and the backends
> to negotiate a NULL cipher. Conceptually, it makes sense, since I just need
> authentication.
>
> Can someone help me on that, please ? Is it possible without recompiling
> apache and/or the modssl ?
>
> Thanks
>
Re: [users@httpd] I need to activate a NULL cipher in modssl
Posted by Gaetan Njinang <ga...@gmail.com>.
Thanks for your answers.
Stunnel seems to be a good solution.
Been discussed recently, see
https://www.spinics.net/lists/apache-users/msg112140.html (or other browser
for this maillist). I still vote for stunnel.
--
With Best Regards,
Marat Khalili
On 03/05/16 16:48, Gaetan Njinang wrote:
> Hello,
>
> Please, I have a problem. I need to activate NULL cipher in modssl.
>
> I need to implement a strong authentication between two servers groups.
> First group of servers: reverse proxies. Second group of servers: backend
> application servers.
> It is very important to not increase the load of reverse proxies (because
> they are already overloaded - they will not support the price of ciphering
> communications). So, I need to force the proxies servers and the backends
> to negotiate a NULL cipher. Conceptually, it makes sense, since I just need
> authentication.
>
> Can someone help me on that, please ? Is it possible without recompiling
> apache and/or the modssl ?
>
> Thanks
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] I need to activate a NULL cipher in modssl
Posted by Marat Khalili <mk...@rqc.ru>.
Been discussed recently, see
https://www.spinics.net/lists/apache-users/msg112140.html (or other
browser for this maillist). I still vote for stunnel.
--
With Best Regards,
Marat Khalili
On 03/05/16 16:48, Gaetan Njinang wrote:
> Hello,
>
> Please, I have a problem. I need to activate NULL cipher in modssl.
>
> I need to implement a strong authentication between two servers
> groups. First group of servers: reverse proxies. Second group of
> servers: backend application servers.
> It is very important to not increase the load of reverse proxies
> (because they are already overloaded - they will not support the price
> of ciphering communications). So, I need to force the proxies servers
> and the backends to negotiate a NULL cipher. Conceptually, it makes
> sense, since I just need authentication.
>
> Can someone help me on that, please ? Is it possible without
> recompiling apache and/or the modssl ?
>
> Thanks
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org