Package org.jclouds.rackspace.cloudloadbalancers.v1.domain

Class SSLTermination

java.lang.Object
org.jclouds.rackspace.cloudloadbalancers.v1.domain.SSLTermination
public class SSLTermination extends Object
The SSL Termination feature allows a load balancer user to terminate SSL traffic at the load balancer layer versus at the web server layer. A user may choose to configure SSL Termination using a key and an SSL certificate or an (Intermediate) SSL certificate.

When SSL Termination is configured on a load balancer, a secure shadow server is created that listens only for secure traffic on a user-specified port. This shadow server is only visible to and manageable by the system. Existing or updated attributes on a load balancer with SSL Termination will also apply to its shadow server. For example, if Connection Logging is enabled on an SSL load balancer, it will also be enabled on the shadow server and Cloud Files logs will contain log files for both.

Notes

  1. SSL Termination may only be configured on load balancers with non-secure protocols. For example, SSL Termination can be applied to an HTTP load balancer, but not to an HTTPS load balancer.
  2. SSL-terminated load balancers decrypt the traffic at the traffic manager and pass unencrypted traffic to the back-end node. Because of this, the customer's back-end nodes don't know what protocol the client requested. Therefore the X-Forwarded-Proto (XFP) header has been added for identifying the originating protocol of an HTTP request as "http" or "https" depending on what protocol the client requested.
  3. Not every service will return certificates in the proper order. Please verify that your chain of certificates matches that of walking up the chain from the domain to the CA root.
Warning
  1. If SSL is enabled on a load balancer that is configured with nodes that are NOT in the same datacenter, then decrypted traffic will be sent in clear text over the public internet to the external node(s) and will no longer be secure.
Optional SSL Attributes
Optional SSL Attributes Non-SSL Traffic SSL Traffic
enabled = true (default) Yes Yes
enabled = false Yes No
secureTrafficOnly = true No Yes
secureTrafficOnly = false (default) Yes Yes

enabled = true

secureTrafficOnly = true

 No Yes

enabled = true

secureTrafficOnly = false

 Yes Yes

enabled = false

secureTrafficOnly = false

 Yes No

enabled = false

secureTrafficOnly = true

 Yes No

  • Constructor Details

    • SSLTermination

      @ConstructorProperties({"enabled","secureTrafficOnly","securePort","certificate","privatekey","intermediateCertificate"}) protected SSLTermination(boolean enabled, boolean secureTrafficOnly, int securePort, String certificate, String privateKey, String intermediateCertificate)

  • Method Details

    • getEnabled

      public boolean getEnabled()

    • getSecureTrafficOnly

      public boolean getSecureTrafficOnly()

    • getSecurePort

      public int getSecurePort()

    • getCertificate

      public com.google.common.base.Optional<String> getCertificate()

    • getPrivateKey

      public com.google.common.base.Optional<String> getPrivateKey()

    • getIntermediateCertificate

      public com.google.common.base.Optional<String> getIntermediateCertificate()

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public boolean equals(Object obj)
      Overrides:
      equals in class Object

    • string

      protected com.google.common.base.MoreObjects.ToStringHelper string()

    • toString

      public String toString()
      Overrides:
      toString in class Object

    • builder

      public static SSLTermination.Builder builder()

    • toBuilder

      public SSLTermination.Builder toBuilder()