備忘録

1.ダウンロード
http://www.apsis.ch/pound/
Pound-2.4.3.tgzをダウンロード

2.OpenSSL-devel
Yastでインストール

3.useradd
useradd www -s /sbin/nologin

4.Poundインストール
・tar xvfz Pound-2.4.3.tgz
・./configure --with-ssl=/usr
・make
・make install

5.設定準備
mkdir /usr/local/etc
cd /usr/local/etc
openssl genrsa -des3 -out server-key.pem 1024
openssl rsa -in server-key.pem -out server-key.pem
openssl req -new -key server-key.pem -x509 -out pound.pem
cat server-key.pem >> pound.pem

6.pound.cfgの設定
User "nobody"
Group "nobody"
#RootJail "/usr/share/pound"
Control "/var/run/pound/ctl_socket"

# Main listening ports
ListenHTTP
Address 192.168.1.220
Port 80
xHTTP 1
End
ListenHTTPS
Address 192.168.1.220
Port 443
Cert "/usr/local/etc/pound.pem"
Ciphers "ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
xHTTP 1
End

# Images server(s)
#Service
# URL ".*.(jpg|gif)"
# BackEnd
# Address 127.0.0.1
# Port 80
# End
#End

# redirect all requests for /forbidden
#Service
# Url "/forbidden.*"
# Redirect "https://localhost/"
#End

# Catch-all server(s)
Service
BackEnd
Address 192.168.1.3
Port 80
End
# BackEnd
# Address 127.0.0.1
# Port 80
# End
Session
Type BASIC
TTL 300
End
End

7.その他
mkdir /var/run/Pound

8.起動
/usr/local/sbin/pound

参考
http://www.atmarkit.co.jp/flinux/rensai/apache2_05/apache05c.html