Hello,
I currently have a HTTPS reverse proxy setup and it works like a champ!
I am trying to pass the client cert from the reverse proxy to the
backend server in the headers like so...
RewriteCond %{SSL:SSL_CLIENT_CERT} (.*)
RewriteRule .* - [E=SSLCC:%1]
RequestHeader add X-SSL-Client-Cert %{SSLCC}e
RewriteRule ^/https(.*)$ https://kftcsu09.ftc.lab:6443/$1 [P,L]
Problem is, on the backend server that receives the request with client
cert. in the headers it looks like this...
XXX "-----BEGIN CERTIFICATE-----" XXX 10.0.0.114 - -
[21/Nov/2006:16:15:02 -0500] "GET / HTTP/1.1" 200 4855 "-" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"
I only get the FIRST line of the client certificate...
-----BEGIN CERTIFICATE-----
And NOT the whole thing like...
-----BEGIN CERTIFICATE-----
MIIDhjCCAm6gAwIBAgIQZ/IVv3ytMJxL1k62UAK1aDANBgkqhkiG9w0BAQUFADAY
Stuff, stuff, stuff,
CnsoGAWH1LHipceWTVaxAh+ZlmP9iwjD6+i7oGSFnuNT9iKBrRXHQuZt
-----END CERTIFICATE-----
I am assuming that the newlines in the client certificate on the reverse
proxy are hosing up sending the WHOLE client certificate.
How do I fix this problem?
Do I try to take out the new lines in rewrite somehow?, how do I do
that, I have no clue.
Do I try to do something else? What and how?
I have searched and could not find anything.
Thanks much for you help, I appreciate it.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
