On 2012-04-02 09:20, Petr Bena wrote:
That's not what I wanted to say, I wanted to say "https may cause troubles with caching", In fact some caching servers have problems with https since the header is encrypted as well, so they usually just forward the encrypted traffic to server. I don't say it's impossible to cache this, but it's very complicated
That might indeed by an issue.
That is why you want to use HTTPS off loader at the edge of your cluster, they will handle unencryption and then server that as unencrypted traffic again :-]
I believe that is what the WMF is doing by using nginx as an HTTPS proxy. Someone with better knowledge will confirm.