You can have ssl between aicache and client with http to apache or ssl both ways ok. let' give it a try then. also if u need sticky sessions (each user works with one application server) aicache can be configured for server persistance I need that the sticky sessions ok, you will need to add os_persist in general config section https://aws-portal.amazon.com/gp/aws/user/subscription/index.html?offeringCode=B6A85F0B Click there Will u need to balance ssl only or http also? both the client use http until they enter to the purchase form so it should keep that session understood ok, done so, next step is to spin up ec2 instance from aicache6.1 AMI I'm on it ok, great config file to edit - /root/aicache.cfg it still "pending" Give it 2 minutes finished, let me connect now sure I'm on the config file ok, first of all u need to set the hostname done also, upload key and cert files for ssl to /root also copy them to /usr/local/aicache and in general section of config add listen https * 443 server.cert server.key AES-256:SHA if u have chain cert you will need to concat certs into single file and name it like 'server.chain.cert' which is the general section? the first one? first one before line 'website' done ok, great in hostname section add os_persist done if you want aicache to use ssl-ed connection to app servers (origins) then add also use_os_ssl AES-256:SHA if u will use this setting no, is ok for testing we can use regular http then connections coming from client to aicache via https will go to origin server via https too ah ok let's go forward then just skip patterns section and come to origins section there you need to define origin servers to which traffic will be balanced origin <ip> 80 I add the internal ips of the web servers? if they are in same availability zone on AWS then yes use internal ip addresses 10.x.x.x ok, if I want to add a second one? just add another line origin <ip> 80 ok done if u want to handle https to origins then u will need to add origin_https <ip> 443 otherwise http only will be used ok if done we are ready to go save file then telnet localhost 2233 use password 'secret' (without quotes) Please change that in the config file. then 'reload' and 'quit' it will initiate the 'warm restart' of aicache or u can use 'pkill aicache' from shell prompt to do the same, but with cache dropped/sticky sessions dropped ok, done ok, now u need to test it probably u will need to update ur local hosts file to include target hostname to ip address of new aicache box ok let me do the changes it is working |
|
aiCache Wiki > HTTPS Configuration >
HTTPS Load Balancing |