httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 55326] SSLProxyCheckPeerName not working in conjunction with mod_rewrite
Date Thu, 01 Aug 2013 05:59:51 GMT

Kaspar Brand <> changed:

           What    |Removed                     |Added
           Hardware|Other                       |All
                 OS|Linux                       |All

--- Comment #1 from Kaspar Brand <> ---
(In reply to falco from comment #0)
> If you additionally add the old directive, it works just fine:
>    SSLProxyEngine on
>    SSLProxyCheckPeerName off
>    SSLProxyCheckPeerCN off
>    RewriteRule /status/(.*) https://$1/server-status [P]
> But I do not think that this is intentional if SSLProxyCheckPeerName
> supersedes SSLProxyCheckPeerCN.

It is intentional, see

"In 2.4.5 and later, SSLProxyCheckPeerCN has been superseded by
SSLProxyCheckPeerName, and its setting is only taken into account when
SSLProxyCheckPeerName off is specified at the same time."

SSLProxyCheckPeerName supersedes SSLProxyCheckPeerCN as far as the default
settings are concerned. Turning off hostname checking for proxied https content
mostly indicates a misunderstanding of the primary purpose of SSL
(authentication), so I think it wouldn't be a good idea if
"SSLProxyCheckPeerName off" would silently disable SSLProxyCheckPeerCN at the
same time.

You are receiving this mail because:
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message