Hello, I am setting up an Apache 1.3.26 reverse proxy on Linux to a remote IIS v5.0 server with a client certificate but it doesn't work. I kept getting 403 forbidden error because IIS v5.0 does not send a list of acceptable CAs to the Apache reverse proxy so Apache doesn't send the client certificate to IIS.
In my httpd.conf file, SSLProxyMachineCertificateFile points_to_client_cert SSLProxyCAMachineCertificateFile points_to_CA_of_IIS_server_cert ProxyPass /test/ https://www.testiis.server/ ProxyPassReverse /test/ https://www.testiis.server/ There is nothing wrong with my Apache reverse proxy setup because it works fine when I set it to another remote Apache web server with client certificate (SSLVerify required). I used "openssl s_client -connect ..." to test the IIS server and found that it wasn't sending a list of acceptable CAs to the client. I have configured IIS with One-to-One Mapping as per instructions on this webpage: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/ad/windows2000/howto/mapcerts.asp I just want to make sure that it is a IIS problem for not sending the list of acceptable CAs. Has anyone here got this type of set up to work before? Thanks! GOSS __________________________________________________ Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes http://finance.yahoo.com ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
