{"id":1532,"date":"2013-11-11T19:54:06","date_gmt":"2013-11-11T18:54:06","guid":{"rendered":"http:\/\/www.daniel-ritter.de\/blog\/?p=1532"},"modified":"2024-05-13T01:13:00","modified_gmt":"2024-05-12T23:13:00","slug":"pound-reverse-proxy-fuer-http-und-https-quick-and-dirty-howto","status":"publish","type":"post","link":"https:\/\/www.daniel-ritter.de\/blog\/pound-reverse-proxy-fuer-http-und-https-quick-and-dirty-howto\/","title":{"rendered":"Pound Reverse Proxy f\u00fcr HTTP und HTTPS &#8211; Quick and dirty Howto auf Debian Squeeze"},"content":{"rendered":"<p>Pound ist ein Loadbalancer und Reverse Proxy f\u00fcr HTTP und HTTPS. Hier ein Quick and Dirty Setup f\u00fcr das HTTPS-Proxying eines HTTP-Servers. Praktisch um zum Beispiel einem Webdienst, der kein HTTPS unterst\u00fctzt, trotzdem eine sichere Verbindung zu spendieren.<\/p>\n<p>Pound installieren<\/p>\n<pre>\r\napt-get install pound\r\n<\/pre>\n<p>SSL-Key und Zertifikat generieren<br \/>\nPound erwartet Zertifikat und Key in einer! Datei.<\/p>\n<pre>\r\ncd \/etc\/ssl\r\nmkdir pound\r\ncd pound\r\nopenssl req -x509 -newkey rsa:1024 -keyout pound.pem -out pound.pem -days 9999999 -nodes\r\n<\/pre>\n<p>Pound konfigurieren<br \/>\n(Alle eingehenden Verbindungen an https:\/\/192.168.1.2:9999 werden weitergeleitet an 127.0.0.1:8000)<\/p>\n<pre>\r\n#\/etc\/pound\/pound.cfg\r\n\r\n######################################################################\r\n## global options:\r\n\r\nUser            \"www-data\"\r\nGroup           \"www-data\"\r\n#RootJail       \"\/chroot\/pound\"\r\n\r\n## Logging: (goes to syslog by default)\r\n##      0       no logging\r\n##      1       normal\r\n##      2       extended\r\n##      3       Apache-style (common log format)\r\nLogLevel        1\r\n\r\n## check backend every X secs:\r\nAlive           30\r\n\r\n## use hardware-accelleration card supported by openssl(1):\r\n#SSLEngine      \"<hw>\"\r\n\r\n# poundctl control socket\r\nControl \"\/var\/run\/pound\/poundctl.socket\"\r\n\r\n\r\n######################################################################\r\n## listen, redirect and ... to:\r\n\r\n## redirect all requests on port 8080 (\"ListenHTTP\") to the local webserver (see \"Service\" below):\r\nListenHTTPS\r\n        Address 192.168.1.2\r\n        Port    9999\r\n        Cert    \"\/etc\/ssl\/pound\/pound.pem\"\r\n\r\n        ## allow PUT and DELETE also (by default only GET, POST and HEAD)?:\r\n        xHTTP           1\r\n\r\n        Service\r\n                BackEnd\r\n                        Address 127.0.0.1\r\n                        Port    8000\r\n                End\r\n        End\r\nEnd\r\n\r\n<\/pre>\n<p>In Debian den Daemon enablen<\/p>\n<pre>\r\n#\/etc\/default\/pound\r\nstartup=1\r\n<\/pre>\n<p>Pound starten<\/p>\n<pre>\r\n\/etc\/init.d\/pound start\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Pound ist ein Loadbalancer und Reverse Proxy f\u00fcr HTTP und HTTPS. Hier ein Quick and Dirty Setup f\u00fcr das HTTPS-Proxying eines HTTP-Servers. Praktisch um zum Beispiel einem Webdienst, der kein HTTPS unterst\u00fctzt, trotzdem eine sichere Verbindung zu spendieren. Pound installieren apt-get install pound SSL-Key und Zertifikat generieren Pound erwartet Zertifikat und Key in einer! Datei. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[227],"tags":[200,201,199,98,198],"class_list":["post-1532","post","type-post","status-publish","format-standard","hentry","category-linux","tag-http","tag-https","tag-pound","tag-proxy","tag-reverse-proxy"],"_links":{"self":[{"href":"https:\/\/www.daniel-ritter.de\/blog\/wp-json\/wp\/v2\/posts\/1532","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.daniel-ritter.de\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.daniel-ritter.de\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.daniel-ritter.de\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.daniel-ritter.de\/blog\/wp-json\/wp\/v2\/comments?post=1532"}],"version-history":[{"count":4,"href":"https:\/\/www.daniel-ritter.de\/blog\/wp-json\/wp\/v2\/posts\/1532\/revisions"}],"predecessor-version":[{"id":1537,"href":"https:\/\/www.daniel-ritter.de\/blog\/wp-json\/wp\/v2\/posts\/1532\/revisions\/1537"}],"wp:attachment":[{"href":"https:\/\/www.daniel-ritter.de\/blog\/wp-json\/wp\/v2\/media?parent=1532"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.daniel-ritter.de\/blog\/wp-json\/wp\/v2\/categories?post=1532"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.daniel-ritter.de\/blog\/wp-json\/wp\/v2\/tags?post=1532"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}