httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pe uni <pe...@yahoo.com>
Subject Re: [users@httpd] (internal app) --http-->apache---https--->(external app)
Date Mon, 24 Aug 2009 20:06:13 GMT
Hi Eric, 
I tried the hint - SSLProxyEngine On. The https connection works with websites/applications
that don't require a certificate. 
For websites/applications that require a certificate, it fails. Please verify if the below
config makes sense?
I included the following SSL directives in the virtualhost port. 
<VirtualHost my_ipaddr:44444>
    ---  
SSLProxyEngine On
SSLEngine On SSLCertificateFile /etc/httpd/ssl/servercerts/server.CRT SSLCertificateKeyFile
/etc/httpd/ssl/servercerts/server.KEY SSLProxyMachineCertificateFile /etc/httpd/ssl/clientcerts/client-cert.p12

    --
</VirtualHost>
------------------------------
[Mon Aug 24 10:31:11 2009] [debug] ssl_engine_kernel.c(1765): OpenSSL: Read: SSLv3 read finished
A
[Mon Aug 24 10:31:11 2009] [debug] ssl_engine_kernel.c(1784): OpenSSL: Exit: failed in SSLv3
read finished A
[Mon Aug 24 10:31:11 2009] [info] [client ip_addr1] SSL library error 1 reading data
[Mon Aug 24 10:31:11 2009] [info] SSL Library Error: 336151568 error:14094410:SSL routines:SSL3_READ_BYTES:sslv3
alert handshake failure
[Mon Aug 24 10:31:11 2009] [info] SSL Library Error: 336150757 error:140940E5:SSL routines:SSL3_READ_BYTES:ssl
handshake failure
[Mon Aug 24 10:31:11 2009] [error] [client ip_addr2] (20014)Internal error: proxy: error reading
status line from remote server webapplication_server 
[Mon Aug 24 10:31:11 2009] [debug] mod_proxy_http.c(1466): [client 199.130.193.102] proxy:
NOT Closing connection to client although reading from backend server webapplication_server
failed.
-----------------------------


--- On Sun, 8/23/09, Eric Covener <covener@gmail.com> wrote:

> From: Eric Covener <covener@gmail.com>
> Subject: Re: [users@httpd] (internal app) --http-->apache---https--->(external
 app)
> To: users@httpd.apache.org
> Date: Sunday, August 23, 2009, 9:17 PM
> > [Sun Aug 23 12:24:39 2009]
> [error] [client 73.155.40.73] SSL Proxy requested for
> my_proxyserver:80 but not enabled [Hint: SSLProxyEngine]
> 
> Tried the hint?
> 
> -- 
> Eric Covener
> covener@gmail.com
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more
> info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 


      

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message