Pound : SSL/TLS Setting2021/03/17 |
|
Configure Pound with SSL/TLS connection.
This example is based on the environment like follows. ( based on the basic settings of the example here )
-----------+---------------------------+--------------------------+------------
| | |
|10.0.0.30 |10.0.0.51 |10.0.0.52
+----------+-----------+ +-----------+----------+ +-----------+----------+
| [ dlp.srv.world ] | | [ node01.srv.world ] | | [ node02.srv.world ] |
| Pound | | Web Server#1 | | Web Server#2 |
+----------------------+ +----------------------+ +----------------------+
|
| [1] |
Get SSL certificate, refer to here.
On this example, it based on the environment SSL certificates have been created under the [/etc/letsencrypt/live/dlp.srv.world] directory. |
| [2] | Configure Pound. |
|
# concatenate cert file and key file [root@dlp ~]# cd /etc/letsencrypt/live/dlp.srv.world [root@dlp dlp.srv.world]# cat privkey.pem fullchain.pem > pound.pem [root@dlp dlp.srv.world]#
[root@dlp ~]#
vi /etc/pound.cfg # add under [ListenHTTP] section
ListenHTTP
Address 0.0.0.0
Port 80
End
ListenHTTPS
Address 0.0.0.0
Port 443
Cert "/etc/letsencrypt/live/dlp.srv.world/pound.pem"
End
[root@dlp ~]# systemctl restart pound |
| [3] | Verify working normally to access to frontend Pound Server. |
|
|
Matched Content