Massimo,
You just need to install the valid certificate for stunnel... i.e. move your certificate from where it was being used to where it should be now.
2009/8/31 Massimo Introvigne <massimo.introvigne#gmail.com>
>
> Hello, I have several web server behind a machine running Haproxy.
> traffic from internet to Haproxy machine to web servers on http port
> 80 works great.
>
> To process SSL traffic, I installed the patched version of stunnel
> that passes the X-Forwarded-For header , and I forward port 443, to
> port 80 of the ip Haproxy is using as the front end, it all works
> great except ...
>
> When clients go to the dns name of the Haproxy machine, they get the
> ssl "invalid certificate" error in their browser. This is easily
> overcome by clicking "allow exception" in Firefox, but it's annoying,
> and also this didn't used to happen before I put Haproxy in the way.
>
> This can't be that uncommon of a problem, but I can't find on the
> internet anyone complainign about and then solving this problme.
>
> Any ideas about what I should do?
>
> thanks.
>
-- Regards, Malcolm Turnbull. Loadbalancer.org Ltd. Phone: +44 (0)870 443 8779 http://www.loadbalancer.org/Received on 2009/08/31 10:46
This archive was generated by hypermail 2.2.0 : 2009/08/31 11:00 CEST