httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jens-U. Mozdzen" <jmozd...@nde.ag>
Subject Re: [users@httpd] Client certificate auth behind f5 loadbalancer
Date Wed, 25 Jun 2014 19:15:52 GMT
Hi Marc,

Zitat von Marc Schöchlin <ms@256bit.org>:
> Hello apache-users,
>
> i'm trying to implement client certificate authentication behind a f5
> loadbalancer.
>
> My loadbalancer terminates ssl, and dispatches the decrypted
> communication via network address translation to the backend apache server.
> The client certificate auth should be performed at the webserver.
>
> Unfortunately the "SSLVerifyClient" directive is ignored and access is
> always granted.
> It seems that without enabled ssl transport encryption, the logic for
> "SSLVerifyClient" is deactivated.
>
>
> Any hints?

yes, your web server is only seeing the plain HTTP traffic - all the  
SSL "stuff" got stripped at the load balancer.

You're so to speak asking to look at the post stamp of a letter, while  
you only received the content because your mail service already  
unpacked everything and dumped the envelope...

Regards,
Jens



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message