I am using a reverse proxy built with apache 1.3.19 with mod_rewrite and mod_proxy,
and mod_ssl 2.8.2.
The connection looks like:
Client Proxy Application
------ ----- -----------
<----- SSL connect 1 ----> <----- SSL connect 2 --------->
SSL connection 1 uses client and server certs ("SSLVerifyClient require").
I also need to use client and server certs on SSL connection 2 (i.e. the connection
initiated by mod_proxy). But when the application Apache server requires a client
cert ("SSLVerifyClient require") it does not receive a cert from the proxy.
Is there a way to configure mod_ssl / mod_proxy to send a cert on SSL con 2?
The cert does not need to be related to the cert on SSL connection 1, and I also
don't need to forward any fields from the client cert as HTTP headers.
Here are some relevant config statements from the proxy
SSLCertificateKeyFile ${crtdir}/${hostname}.key
SSLCertificateFile ${crtdir}/${hostname}.crt
SSLCertificateChainFile ${crtdir}/ubs-ca.crt
SSLCACertificateFile ${crtdir}/conextradeCA-qa1.crt
SSLVerifyClient require
RewriteEngine On
RewriteRule ^/(xcc)$ https://${appl}/$1 [P,L]
RewriteRule .* - [F]
Thanks
Ian
--------------------------------------------------------------
Ian Beselin (BH-I5EW-MF9) [EMAIL PROTECTED] +41 1 236 1629
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
