RE: iSeries SSL, Comodo certificate - no green padlock on browser -- MIDRANGE-L

Thanks for the info - I'll be doing some reading!

Thanks,
TomH

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
Nathan Andelin
Sent: Tuesday, March 29, 2016 1:03 PM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Subject: Re: iSeries SSL, Comodo certificate - no green padlock on browser

Reverse proxy has other benefits. You can offload encryption workloads to a
separate server. You can deploy the reverse proxy on a separate network
segment to satisfy PCI requirements. If your IBM i server is down for
scheduled maintenance, the reverse proxy can be changed to return a page
about the maintenance activity.

On Tue, Mar 29, 2016 at 9:10 AM, Tim Bronski <tim.bronski@xxxxxxxxx> wrote:

Well the reverse proxy is a gateway machine where the TLS terminates.
You could use Apache on a linux server with mod_proxy. The IBM i is a
backend web server. If you google up Apache Reverse-Proxy etc you'll
find more practical info than I could retype but here's an article
that's somewhat
related:
https://timwells.net/blog/hardening-tls-apache-reverse-proxy/

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.