https://pluto.potsdam.edu/ezproxywiki/index.php/SSL#Wildcard_certificate
(You can safely ignore the SSL warning, pluto uses self-signed certificates)
--
Andrew Anderson, Director of Development, Library and Information Resources Network, Inc.
http://www.lirn.net/ | http://www.twitter.com/LIRNnotes | http://www.facebook.com/LIRNnotes
On Mar 3, 2015, at 11:46, Karl Holten <[log in to unmask]> wrote:
> If you're using proxy by hostname, it's my understanding that you need to purchase a SSL certificate for each secure domain, otherwise you get security errors. Depending on how many domains you have, the cost of this can add up. Maintaining it is a headache too because it seems like vendors often don't bother to notify you they're making a switch.
>
> If there's some way to avoid doing this, I would love to know!
>
> Karl Holten
> Systems Integration Specialist
> SWITCH Inc
> 414-382-6711
>
> -----Original Message-----
> From: Code for Libraries [mailto:[log in to unmask]] On Behalf Of Stuart A. Yeates
> Sent: Monday, March 2, 2015 5:27 PM
> To: [log in to unmask]
> Subject: [CODE4LIB] making EZproxy http/https transparent
>
> In the last couple of months we've had to update a number of EZproxy stanzas as either tools migrate to HTTPS-only or people try to access HTTP/HTTPS parallel resources using browsers that automatically detect HTTP/HTTPS parallel resources and switch users to the HTTPS version (think current Chrome, anything with the HTTPSeverywhere plugin).
>
> We'd like to avoid updating our config.txt piecemeal on the basis of user-gernated error-reports
>
> We're thinking of going through our EZproxy config.txt and adding an H https:// for every H or URL entry. (Domain and DomainJavascript already work for both HTTP and HTTPS).
>
> Has anyone tried anything like this? Are there pitfalls?
>
> cheers
> stuart
> --
> ...let us be heard from red core to black sky
|