httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Li Run <>
Subject [users@httpd] help on ssl configuration of forward proxy
Date Wed, 26 Mar 2014 08:37:40 GMT

I'm trying to configure my apache server to be a forward proxy. And I tried to invoke some
webservices with the server as a proxy.
When the webservice endpoint is in HTTP, like,
then the client can work fine with the proxy specified.
But when the ws endpoint url is in HTTPS,,
the client will give out error:
<Error> <Net> <BEA-000903> <Failed to communicate with proxy: gugong/8088.
Will try connection now. Unrecognized response from SSL proxy: 'HTTP/1.1 403 Forbidden'

Here is my configuration:


ServerName mmog.test

AllowCONNECT  8088
  ProxyRequests On
ProxyVia      on

SSLProxyEngine on

#SSLVerifyClient require
#SSLVerifyClient optional_no_ca
#SSLVerifyClient none

SSLProxyVerify require
SSLProxyVerifyDepth 10

<Proxy *>
     Order Deny,Allow
     Allow from all

LogLevel debug

#SSLProxyMachineCertificateFile /product/gemalto/MMOG_PAF_FP/keystore/test.pem

SSLCertificateFile /product/gemalto/MMOG_PAF_FP/keystore/test/public.cer
SSLCertificateKeyFile /product/gemalto/MMOG_PAF_FP/keystore/test/private1.key

SSLProxyMachineCertificateFile /product/gemalto/MMOG_PAF_FP/keystore/test/test.pem

SSLProxyCACertificateFile /product/gemalto/MMOG_PAF_FP/keystore/AdminCA.pem

And I see this line in the proxy server log when starting:

[warn] no client certs found for SSL proxy

Anybody can help?

Li Run

This message and any attachments are intended solely for the addressees and may contain confidential
information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if
altered, changed or falsified. If you are not the intended recipient of this message, please
delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses,
the sender will not be liable for damages caused by a transmitted virus

View raw message