httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [users@httpd] Server certificate verification with reverse SSL proxy
Date Wed, 15 Oct 2003 11:57:03 GMT

I'm trying to set up Apache 2.0 as a reverse proxy.  The front-end
of this reverse proxy setup uses HTTP, the back-end uses SSL.  The
setup works fine as long as I do not enable the verification of the
back-end server certificate.  The back-end server certificate is
signed/issued by a self-signed CA.  But apparently mod_ssl/OpenSSL
can not handle that self signed certificate in the certificate chain.
Do any of you have a suggestion on how to resolve this problem?
More details below... 

Relevant part of the configuration:

  <IfModule mod_proxy.c>
    ProxyPass        /prefix https://hostname
    ProxyPassReverse /prefix https://hostname
    SSLProxyEngine on
    SSLProxyVerify require 
    SSLProxyCACertificateFile conf/ssl/backend.crt

Relevant part of the error_log:

  [Wed Oct 15 13:40:36 2003] [error] Certificate Verification: Error
  (19): self signed certificate in certificate chain
  [Wed Oct 15 13:40:36 2003] [error] (20014)Error string not specified
  yet: proxy: request failed to (hostname)

  Kris Verbeeck

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message