https://bz.apache.org/bugzilla/show_bug.cgi?id=64310
Bug ID: 64310
Summary: proxy wstunnel does not use
SSLProxyMachineCertificateFile
Product: Apache httpd-2
Version: 2.4.37
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: mod_proxy_wstunnel
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
When proxying to a server that requires mutual SSL, the https proxy pass
connections work as expected, but wss connections do not pass the client
certificate
eg.
SSLProxyCACertificateFile myapp/ca.crt
SSLProxyVerify require
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyMachineCertificateFile myapp/proxy-user.pem
ProxyPreserveHost On
ProxyPass /websocket wss://wlg-myapp-docker-dev-01.co.nz:443/websocket
ProxyPass / https://wlg-myapp-docker-dev-01.co.nz:443/
ProxyPassReverse / https://wlg-myapp-docker-dev-01.co.nz:443/
The next hop is the nginx ingress router in kubernetes, which is helpful
because it gives useful feedback regarding client certificates
requests for /websocket get back
<head><title>400 No required SSL certificate was sent</title></head>
from kubernetes, all other requests that are matched by the https:// proxy pass
are handled correctly
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
