This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Request Redirection to another (external) server

Hi,

I am using lets encrypt. The certificate has 2 names: server.domain.com and domain.com.

But both are pointing to different server in the internet. One to 1.1.1.1 other to 1.1.1.2.

The lets encrypt environment is on 1.1.1.2. So yes!: I can have 2 certificates. But because of other things it would be good to have only one.

How to proceed:

I defined a redirection on 1.1.1.1 (sophos SG to redirect all traffic from 1.1.1.1/.well-known/acme-challenge/* to 1.1.1.2/well-known/acme-challenge/* but it doesn't work.

 

 

Is this possible like this or not? What is wrong?



This thread was automatically locked due to age.
Parents
  • On further thought, this is not even possible.

    Redirection returns a pointer, something like "Sorry, but I have moved to a new address".   Example:  I navigate to server1.example.com/something, and it says "try again using server2.example.com/somethingelse"   So server1 and server2 both need to resolve to valid DNS entries, and if TLS is used, they need to have valid certificates that match their names.

    Some web servers implement virtual directories, where the web server relays requests for public system server1.example.com/something to internal system server2.example.com/something.  This is not something UTM attempts to do, but you might be able to do it on your webserver.   Of course, it can be messed up by path conflicts, and the scripting logic on the second server might get confused by the relay mechanism.

     

Reply
  • On further thought, this is not even possible.

    Redirection returns a pointer, something like "Sorry, but I have moved to a new address".   Example:  I navigate to server1.example.com/something, and it says "try again using server2.example.com/somethingelse"   So server1 and server2 both need to resolve to valid DNS entries, and if TLS is used, they need to have valid certificates that match their names.

    Some web servers implement virtual directories, where the web server relays requests for public system server1.example.com/something to internal system server2.example.com/something.  This is not something UTM attempts to do, but you might be able to do it on your webserver.   Of course, it can be messed up by path conflicts, and the scripting logic on the second server might get confused by the relay mechanism.

     

Children
No Data