Comments (1)
rbucker
commented on June 12, 2024
I started to read a lot of posts and I was beginning to believe that mixing the client relay was just unsupported. I've come to the conclusion this is definitely a bug.
Common with everyone else's experience the BLAST table which is not TLS enabled seems to open the connection to the server as TLS... even though it does not have "with tls"
relay "https" {
listen on $ipv4 port https tls
protocol "https"
forward with tls to <www> port 8443 check https "/" code 200
forward to <blast> port 1900 check http "/" code 401
}
However, when I added TLS to my "blast" app server...I received more/similar errors even though my app server was ok. (tested from the CLI). Then I added the "with tls" to the blast relay and VOILA it started working.
relay "https" {
listen on $ipv4 port https tls
protocol "https"
forward with tls to <www> port 8443 check https "/" code 200
forward with tls to <blast> port 1900 check https "/" code 401
}
Without "with tls" and app server running in plain http... The relay log suggested "TLS handshaking" error.
Without "with tls" and the appserver running https... the relay log suggested "tlsv1 allert protocol, version"
But when I added "with tls" and had the server running https.... all was fine.
This suggests that mixing is not possible or a bug and/or "with tls" is not completely documented.
from relayd.
Related Issues (18)
- relay http persistent connection HOT 1
- Relayd seems to strip away content from http payload. HOT 3
- SNI support HOT 2
- Better syntax errors
- relayd does not function with OpenSSL 1.1.x
- cannot match multiple URLs HOT 8
- Redirect host with specific url HOT 1
- relayd MITM/TLS Inspection does not currently appear to support SNI
- Different rules in one relay seem to be interfering when the [with tls] option is used.
- Repo out of date?
- "relayctl host disable" only disables host for one port
- Too many CLOSE_WAIT connections HOT 2
- relayd can't load certificates HOT 2
- relayctl reload causes relayd to "hang" HOT 1
- Redirect in relayd? HOT 3
- Add support for ECDSA server certificates HOT 1
- IPv6 and SSL certificates HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from relayd.