We have a rather unusual proxying scheme. In normal operation, our server has all of the slave applications' DNS pointing to itself. Browsers are not configured to proxy. After authentication and access control, it converts the "local" reference to a proxy to the real server (like the wAMPC example in the section on: "Invoking mod_proxy for Nonproxy requests"). We have this working rather well. In one particular instance, we need to have this server acting as a real proxy (browsers are configured to have it as a proxy), and fall through the rest of the code to the back end applications. I have this working for HTTP easily enough (just don't proxyify the requests), but SSL seems to be a severe problem, because browsers use the "CONNECT hostname:port" for https (and then blindly copy packets bidirectionally), rather than "GET http://host.../file". I believe I can get this to work if, after detecting a "CONNECT" method connection, I change the effective "hostname:port" to be localhost:443, and force the Apache proxy to redirect to itself. Then I can handle it through the stuff we already use. Does anybody know how to alter the CONNECT's parameters in mod_perl so that mod_proxy will do the right thing with it? I can "see" the CONNECT parameter by examining $r-uri, but setting it ala $r->uri("localhost:443") appears to be ignored. I can't even seem to find official documentation for CONNECT. The links (netscape and elsewhere) appear dead. I've been playing around with some simple stand-alone proxies to test out whether the back-end stuff will work out, but, I don't seem to be able to get them to interoperate with CONNECT requests quite yet. Thanks muchly.