I’m having issues with SSL on Rackspace - their load balancers only seem to listen on one port (rather than both 80 and 443). How can I solve this?
Posted: over 2 years
Unfortunately, Rackspace requires a bit of a workaround when setting up SSL. This is due to a limitation in their load balancers - they can only listen for traffic on one port at a time, whereas ideally you’d want it to listen on port 80 and 443. You have two options:
1) Setup SSL termination SSL termination means that you add your SSL certificate on the load balancer, instead of adding it to your nodes. When a user visits your site, the load balancer then deals with the SSL, and passes the traffic to the node unencrypted (on the private network).
To set this up, visit your Rackspace dashboard and click into the load balancer. Under “Optional features”, you have the ability to select “Secure traffic” and add your SSL certificate there. Please note that you should select “Allow secure and insecure traffic” on the load balancer, and then select a HTTP to HTTPS redirect in the Cloud 66 “Network settings”.
2) Add a second load balancer Creating a second load balancer that works in conjunction with the first one allows you to listen to two ports on the same IP address. If you access the Rackspace dashboard, create a new load balancer in the same region as the first one. Set it to listen to port 443, as the first one listens to port 80. Under “Virtual IP”, select “Shared VIP on Another load balancer”, and select the first load balancer. Under “Add nodes”, select the nodes you are directing traffic to.
This setup will allow you to have the SSL added to your nodes, along with the HTTP to HTTPS redirect.
You must be logged in to answer this question