httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Murray <>
Subject SSL Proxy with Strong Authentication
Date Thu, 24 Jan 2002 23:48:38 GMT
Hash: SHA1

Hi all,

I'm investigating using Apache and SSL for (reverse) proxying HTTPS requests; 
however, one of the requirements of the task is to have a strong auth 
mechanism in place.  

I had two ideas, both of which have lead me to a dead end:

1.  Use the ProxyPass and ProxyPassReverse directives to authorize 
connections, and requiring client certs to authenticate to the server.

2.  Using a normal SSL page to authenticate via client certs, and using an 
.htaccess file in the DocRoot of the proxy server to auth IP addresses.  

Both seemed likely, and both have failed.  The first because the directives 
don't work as I had hoped, and the second because I can't find anywhere to 
put an .htaccess file that makes sense to the <Directory proxy> section.

So, this is a two-part question: first, does anybody have any idea on how to 
use .htaccess to control access to the proxy, and/or, does anybody have any 
ideas on what will accomplish this task?


- -- 
| Mike Murray                    <>
| Scientific Technologist
| nCircle Network Security      
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message