Friday, August 5, 2016

Two words about Lync Reverse Proxy requirements

A reverse proxy (RP) can handle HTTPS in one of three ways:

SSL pass-through - the RP just passes the HTTPS traffic through without changing it.

SSL offload - HTTPS traffic is terminated at the RP and then passed to the internal host over HTTP.

SSL bridging - HTTPS is terminated at the RP, so the proxy has a chance to read the unencrypted traffic; it then opens a new HTTPS stream to the internal server.

The first and third methods are supported by Lync; SSL offload is not.

The preferred and least painful method is SSL bridging. You should use a public certificate on the RP and a private one on Lync.
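The three modes side by side, as an added configuration fragment that is not part of the original post. It assumes nginx as the reverse proxy; the host names, certificate paths and the upstream port 4443 are assumptions to adapt to your deployment.

```nginx
# Added illustration: host names, file paths and the upstream port are assumptions.
http {
    server {
        listen 443 ssl;
        server_name lyncweb.example.com;              # hypothetical external FQDN

        # Public certificate presented to Internet clients by the RP
        ssl_certificate     /etc/nginx/tls/public-fullchain.pem;
        ssl_certificate_key /etc/nginx/tls/public.key;

        location / {
            # SSL bridging: the RP opens a new HTTPS session to the internal server
            proxy_pass https://lyncfe01.corp.example:4443;

            # nginx does not validate the upstream certificate by default.
            # Turn verification on and trust only the internal (private) CA,
            # otherwise the second TLS leg is encrypted but unauthenticated.
            proxy_ssl_verify              on;
            proxy_ssl_trusted_certificate /etc/nginx/tls/internal-ca.pem;
            proxy_ssl_server_name         on;
            proxy_ssl_name                lyncfe01.corp.example;

            proxy_set_header Host $host;

            # SSL offload would look like this instead (plain HTTP on the
            # internal leg), which Lync does not support:
            # proxy_pass http://lyncfe01.corp.example;
        }
    }
}

# SSL pass-through alternative (replaces the http server above). The RP
# forwards the TCP stream untouched, so clients see the internal server's
# certificate and the RP cannot inspect the traffic:
# stream {
#     server {
#         listen 443;
#         proxy_pass lyncfe01.corp.example:4443;
#     }
# }
```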

