httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: Apache proxy sending client certificate on behalf of the client
Date Mon, 28 May 2012 20:02:44 GMT
On Mon, May 28, 2012 at 3:53 PM, Duarte Silva
<duarte.silva@serializing.me> wrote:
> Hi all,
>
> I know this should be imposssible ("sounds" to me like a MITM), but bare with
> me for a second and please tell me if this is in any way possible:
>
> Client (HTTPS request) -> Apache (Forward Proxy) -> Server (HTTPS)
>                          \___________________/
>                                   \/
>                Sends the client certificate on behalf of
>                               the client
>
>
> Note that the client is able to create SSL connections but it is not able to
> send client certificate. Since the Apache is the one openning the connection
> to the end Server, isn't there a way to force Apache to send a specific client
> cert (the handshake is done in the Client even though the server is?
>
> If it isn't, is there any alternatives that do this? Maybe if it was a
> transparent proxy?
>

http://httpd.apache.org/userslist.html

Mime
View raw message