trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Peach <jpe...@apache.org>
Subject Re: SSL Protocol specific to client and server
Date Wed, 06 Jul 2016 21:25:07 GMT

> On Jul 6, 2016, at 12:35 PM, Adi Mallikarjuna Reddy V <adimallikarjunareddy@gmail.com>
wrote:
> 
> We have trafficserver setup as reverse proxy with SSL continuing up to origin servers.
We are trying to disable TLS1 only from browser to ATS and continue to have TLS1 connection
to origin servers.
> 
> Here is our configuration :
> 
> CONFIG proxy.config.ssl.SSLv2 INT 0
> 
> CONFIG proxy.config.ssl.SSLv3 INT 0
> 
> CONFIG proxy.config.ssl.TLSv1 INT 0       
> 
> CONFIG proxy.config.ssl.TLSv1_1 INT 1
> 
> CONFIG proxy.config.ssl.TLSv1_2 INT 1

These settings just control which TLS protocol versions will be accepted.

For a reverse proxy to a TLS origin, you can do this:

map http://foo.com https://origin.foo.com

J
Mime
View raw message