Forum OpenACS Q&A: Re: Virtual hosting with AOLserver 4
by support for HTTPS virtual hosting I mean that the proxy will handle the SSL connection to then pass on the request to the backend server as a regular HTTP request. The backend server thus never sees the HTTPS connection. And in that sense pound does not proxy HTTPS connections. Which is what the Pound web page is trying to explain.
However, to the client it appears as if it does as the client establishes a secure connection with the proxy and returns the response from the backend server over the established secure connection. As such the client is not aware that the communication between the proxy and the backend server is not encrypted.
Further down the Pound webpage you can read how Pound can accept HTTPS connections and what information it forwards to the backend server in the HTTP connection between Pound and the server.
My patch allows OpenACS to detect a secure connection to Pound based on a custom header added to the information passed from Pound to the server so that OpenACS will treat the connection as a secure connection (e.g. as if it is a direct HTTPS connection). This makes proxied HTTPS connections transparent to OpenACS.
I'll wait for your patch, Bart :)