Return-Path: X-Original-To: apmail-httpd-users-archive@www.apache.org Delivered-To: apmail-httpd-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 453D011F78 for ; Tue, 15 Apr 2014 16:10:01 +0000 (UTC) Received: (qmail 40910 invoked by uid 500); 15 Apr 2014 16:09:57 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 40863 invoked by uid 500); 15 Apr 2014 16:09:57 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 40854 invoked by uid 99); 15 Apr 2014 16:09:56 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 15 Apr 2014 16:09:56 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of alessandro.macuz@gmail.com designates 209.85.215.53 as permitted sender) Received: from [209.85.215.53] (HELO mail-la0-f53.google.com) (209.85.215.53) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 15 Apr 2014 16:09:52 +0000 Received: by mail-la0-f53.google.com with SMTP id b8so7167751lan.12 for ; Tue, 15 Apr 2014 09:09:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=2LquakRpmp/zXo9aHxJT+/Q77ir3Q7wkEIvshI3N8EU=; b=hCJo4zEAKROhX5ALXbec5aJqBD4bvWm5n8ZqOg5Ya8uSsX6KDwcdF2TnKP4sMgtMNq Gwoj0eJKFlgnZDK8GKqnLCWuWrOUcwz8glUIKyhaw0qb+9qRmQqeyRTnSrWHWtZi941X V9rNSBWhokMJRH3OggQgnrF5JvmzWkAzLprn3OJXcXWwlU63X/ML66d4ICgTNv7lHQWH 9JCIKmnAD94SZPfcXCjhlH87oEG9VuSA7aDQgDwZK76NaSlbKdbwnOENt34zuQCPafyd /N6JKfWCKtVvEuB0BfG0vCkeeN61/Ro6UAnmCR7eHzmuB9XHIubbKVrFqZIWCMjUCQRX kQKQ== MIME-Version: 1.0 X-Received: by 10.112.94.229 with SMTP id df5mr1782578lbb.36.1397578170620; Tue, 15 Apr 2014 09:09:30 -0700 (PDT) Received: by 10.113.3.35 with HTTP; Tue, 15 Apr 2014 09:09:30 -0700 (PDT) Date: Tue, 15 Apr 2014 18:09:30 +0200 Message-ID: From: alessandro macuz To: users@httpd.apache.org Content-Type: multipart/alternative; boundary=001a1135f7ac67e39504f717067f X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] Apache sending a client certificate for mutual authentication --001a1135f7ac67e39504f717067f Content-Type: text/plain; charset=UTF-8 Hi folks, the most recent question on the topic I found is this one http://httpd.markmail.org/message/n5uuusgzsi2bc72b?q=apache+to+send+ssl+client+certificate but there who asked the question was invited to use this list and I didn't see this topic discussed. To give you an idea just imagine the scenario where we want to increase the security of the access to a web-server on a appliance that does mutual authentication but with weaker control. Can apache2 send a client certificate on a back-end connection? Do you have any reference? Or is it not possible at all? Many thanks in advance, Alex --001a1135f7ac67e39504f717067f Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

Hi folks,

the most recent question on t= he topic I found is this one

http://ht= tpd.markmail.org/message/n5uuusgzsi2bc72b?q=3Dapache+to+send+ssl+client+cer= tificate

but there who asked the question was invited to use this list and I did= n't see this topic discussed.

To give you an i= dea just imagine the scenario where we want to increase the security of the= access to a web-server on a appliance that does mutual authentication but = with weaker control.

Can apache2 send a client certificate on a back-end con= nection?

Do you have any reference? Or is it not possible at all?=

Many thanks in advance,

Alex

--001a1135f7ac67e39504f717067f--