Manualshelf

Specifications

ManualsBrandsCoyote Point Systems ManualsHome AudioEqualizer
919293949596979899100
Working with Virtual Clusters
Equalizer Installation and Administration Guide 85
verification to succeed, the specified string must appear in the first 1024 characters of the
servers response (including any headers).
6. Click the commit button.
HTTPS Header Insertion
When a connection is established by a client for an HTTPS cluster, Equalizer performs the SSL
processing on the request (this is called SSL offloading), and adds some additional headers to the
client's request before forwarding the request on to a server:
X-LoadBalancer: CoyotePoint Equalizer
X-Forwarded-For: (cluster's IP address)
If the client provides an SSL certificate, the following are also added:
X-SSL-Subject: (certificate's X509 subject)
X-SSL-Issuer: (certificate's X509 issuer)
X-SSL-notBefore: (certificate not valid before info)
X-SSL-notAfter: (certificate not valid after info)
X-SSL-serial: (certs serial number)
X-SSL-cipher: (cipher spec)
If these headers are present in a request received by a server, then the server knows that the request
was originally an HTTPS request and was processed by Equalizer before being forwarded to the
server.
These headers are inserted into every request if the once only flag is disabled; if once only is
enabled, then only the first request in a connection will have these headers inserted.
Some application may require a special header in the request, and the following section describes
how Equalizer can be configured to provide a custom HTTPS header for such applications.
Specifying a Custom Header for HTTPS Clusters
Some applications, such as Microsoft Outlook Web Access (OWA), may require that all incoming
client requests use the Secure Sockets Layer (SSL) protocol, meaning that all client requests must
have the
https:// protocol in the URI.
If OWA is running on a server in an Equalizer Layer 7 cluster, then OWA will receive all requests
with
http:// in the URI, since Equalizer performs SSL processing before passing the requests on
to the server.
OWA allows for SSL offloading through the use of a special header, as explained in the following
Microsoft technical article:
http://technet.microsoft.com/en-us/library/578a8973-dc2f-4fff-83c6-39b1d771514c.aspx.)
Two things are necessary when running OWA behind Equalizer:
configure OWA to watch HTTP traffic for requests containing a custom header that indicates
that the request was originally an SSL request that was processed by SSL offloading hardware
(i.e., Equalizer) before reaching OWA (see the above article for instructions)