Category Archives: ssl

HAProxy and sslv3 poodle vulnerability

SSLv3 poodle vulnerability Yesterday, Google security researchers have disclosed a new vulnerability on SSL protocol. Fortunately, this vulnerability is only on an old version of the SSL protocol: SSLv3 (15 years old protocol). An attacker can force a browser to … Continue reading

Posted in HAProxy, security, ssl | Tagged , , , , | 7 Comments

How to protect application cookies while offloading SSL

SSL offloading SSL offloading or acceleration is often seen as a huge benefit for applications. People usually forget that it may have impacts on the application itself. Some times ago, I wrote a blog article which lists these impacts and … Continue reading

Posted in HAProxy, security, ssl | 1 Comment

Configuring HAProxy and Nginx for SPDY

Introduction to SPDY / HTTP-bis SPDY is a protocol designed by google which aims to fix HTTP/1.1 protocol weaknesses and to adapt this 14 years old protocol to today’s internet devices and requirements. Back in 1999, when HTTP/1.1 was designed, … Continue reading

Posted in architecture, HAProxy, layer7, ssl | Tagged , , , , | 1 Comment

SSL Client certificate information in HTTP headers and logs

HAProxy and SSL HAProxy has many nice features when speaking about SSL, despite SSL has been introduced in it lately. One of those features is the client side certificate management, which has already been discussed on the blog. One thing … Continue reading

Posted in Aloha, HAProxy, ssl | Tagged , , , , , , , , | Leave a comment

SSL offloading impact on web applications

SSL Offloading Nowadays, it is common (and convenient) to use the Load-Balancer SSL capabilities to cypher/uncypher traffic from clients to the web application platform. Performing SSL at the Load-Balancer Layer is called “SSL offloading“, because you offload this process from … Continue reading

Posted in Aloha, architecture, HAProxy, ssl | Tagged , , , | 8 Comments