[squeak-dev] Re: SqueakSSL
Paul DeBruicker
pdebruic at gmail.com
Thu Feb 13 03:24:13 UTC 2014
Colin Putney-3 wrote
> On Wed, Feb 12, 2014 at 6:39 PM, Göran Krampe <
> goran@
> > wrote:
>
>> On 02/12/2014 11:11 PM, Colin Putney wrote:
>>
>>> Great, this was just the information I needed. Thanks!
>>>
>>
>> I will pack it up and post/send it tomorrow to ... well, Sven and Eliot
>> etc for committing it.
>>
>
> Great, thanks.
>
>
>> Note - SqueakSSL works just fine for client side stuff. But you don't
>> want
>> to use it for server side with lots of connections... We kinda did and
>> realized that hey... there is no threading in this plugin so... only one
>> connection can decrypt/encrypt at one point in time - and of course VM
>> stops while it does so. Ouchy.
>>
>
> Right, the client-side is what I'm trying to use it for. My servers are
> behind a load balancer, which does SSL termination as well. Stud looks
> pretty awesome, but I haven't had a chance to use it yet. :-)
>
> Colin
You're probably already aware of this but you can also use the webservers to
encrypt connections from your client to 3rd party servers. I learned about
it from here (site is down right now):
http://www.monkeysnatchbanana.com/posts/2010/06/22/faking-a-https-client-for-glass.html
instead of connecting direct from Squeak to
https://api.stripe.com (or any 3rd party)
1. set an alias in your /etc/hosts file for the 3rd party
127.0.0.1 stripe
from Squeak connect to
http://stripe
and have your webserver proxy those connections to the 3rd party e.g. in
nginx something like this
server
{
server_name stripe;
allow 127.0.0.1;
deny all;
location /
{
proxy_pass https://api.stripe.com;
}
}
hope this helps
Paul
--
View this message in context: http://forum.world.st/SqueakSSL-tp4743073p4743183.html
Sent from the Squeak - Dev mailing list archive at Nabble.com.
More information about the Squeak-dev
mailing list
|