httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Liegler, Jörg <Joerg.Lieg...@adesso.at>
Subject [users@httpd] Apache proxy as client to ssl server
Date Thu, 16 Sep 2010 13:32:50 GMT
Hi! Pls help with the following scenario:

http Server -> Apache proxy -> A) HTTPS Service with self signed certificate A_C
                            -> B) HTTPS Service with certificate B_C signed by thawte T_CA

I am sending http requests to the Apache proxy. On Apache proxy, I have a virtual host with

...
    ProxyRequests Off
    ProxyPreserveHost On
    ProxyVia On
    ProxyTimeout 2
    SSLEngine off
    SSLProxyEngine on
    SSLProxyVerifyDepth 2
    SSLProxyVerify require
    SSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl/???.pem
    <Location ...
       ProxyPass https://....
...

On servers A und B, there is no client key authentication, so just simple https.

My questions:

- What do I have to put in ???.pem for the SSLProxyMachineCertificateFile. If - how do I have
to use openssl to generate client keys?

- Does I have to put the A_C and B_C from servers A und B somewhere in order to pass SSLProxyVerify
require? Do I have to insert that T_CA certificate additionally, or the whole chain?

- Am I missing some other definitions?

Thx a lot

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message