Hello All, ** I am sorry to send you this mail again. If someone knows anything on this, please reply. Thanks a lot in advance **. I am trying to make a proxy server(apache 1.3.22 compiled after enabling SSL_EXPERIMENTAL) authenticate itself to a backend server(apache 1.3.19) which is in the same machine (although in a real scenario the backend server will run on a different machine). Proxyserver listens at port 6666 on a machine and the backend server listnes at 127.0.0.2:8443. All the communications are SSL-enabled. browser ->---SSL + client auth--> Proxy server --SSL-->backend server. Browser authenticates itself to the proxy server whereas proxy server does not authenticate itself to the backend server. Now, the need is to make the proxy server also authenticate itself to the backend server. The proxy server has the directive "SSLProxyMachineCertficateFile" in it's httpd.conf. This directive has the value set to the its'(proxy's) client certificate. Should I need to set the value for SSLProxyCACertficateFile also? The error I see in the browser is: ------------------ The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /. Reason: SSL proxy connect failed (test:6666): peer 127.0.0.1:8443: key values mismatch ------------------- and the error that I see in the backend server is --------------------- [error] mod_ssl: SSL handshake failed (server vvos3:8443, client 127.0.0.1) (OpenSSL library error follows) [Sun Apr 21 10:56:32 2002] [error] OpenSSL: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate [Hint: No CAs known to server for verification?] ------------------------ Can anyone please throw light on this ? Thanks a lot in advance. Thanks and Regards, Anbu __________________________________________________ Do You Yahoo!? Yahoo! Games - play chess, backgammon, pool and more http://games.yahoo.com/ ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]