Efficient Use of Network Load-Balancing w/ SSL?

vw asks: "I was wondering if anyone has setup a webserver farm that uses both SSL and zero-affinity network-load-balancing. (i.e. requests in an SSL channel can be handled by any server in the farm) I have been having a very difficult time locating information on this specific combination of features in a web server product. The closest I found was WLBS, which implies that there must be an affinity toward a particular server for a given client IP. I understand the problem has something to do with sharing SSL certificates between physical machines. Any suggestions?"

Somewhat Simple -- perhaps non-obvious.

[rtaylor]

Setup an OpenBSD box with a crypto card. Let it do all of the dirty work. That box should proxy requests to the load balancer and other webservers in unencrypted form.

Lets you buy a single cert, and with hardware crypto you should be able to handle enough for a modest load -- more than a few million pages daily.