httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexiuc, Daniel" <daniel.alex...@sap.com>
Subject [users@httpd] How to pass a Client Certificate through a Reverse Proxy
Date Thu, 08 Mar 2007 05:41:17 GMT
Hi all,

I've configured Apache as a reverse proxy in the following kind of
arrangement:

Client's browser -------> Apache Reverse Proxy ------> External Server


When the External Server requires Basic Authentication or SSL from the
client, this works fine through the proxy. I have configured this using
a RewriteRule with the "Use Proxy" option like so:

RewriteRule ^/call/(.*)$ $1 [P]


However this setup does not seem to work when I want to pass a Client
Certificate from the browser to the External Server for Authentication.
I get the following error messages:

[Thu Mar 08 11:43:29 2007] [warn] Proxy client certificate callback:
(localhost:80) downstream server wanted client certificate but none are
configured
[Thu Mar 08 11:43:29 2007] [error] (502)Unknown error: proxy: pass
request body failed to 10.43.125.11:8443

It seems as if the reverse proxy isn't passing through the client
certificate from the browser. I realise that it is possible to setup the
reverse proxy with a client certificate, but I need the client
certificate to come from the client's browser.

Does anyone have any suggestions about how to configure the reverse
proxy to "pass through" client certificates? 

Thanks for your help...

Daniel Alexiuc




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message