httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jens-U. Mozdzen" <>
Subject Re: [users@httpd] Client certificate auth behind f5 loadbalancer
Date Wed, 25 Jun 2014 19:15:52 GMT
Hi Marc,

Zitat von Marc Schöchlin <>:
> Hello apache-users,
> i'm trying to implement client certificate authentication behind a f5
> loadbalancer.
> My loadbalancer terminates ssl, and dispatches the decrypted
> communication via network address translation to the backend apache server.
> The client certificate auth should be performed at the webserver.
> Unfortunately the "SSLVerifyClient" directive is ignored and access is
> always granted.
> It seems that without enabled ssl transport encryption, the logic for
> "SSLVerifyClient" is deactivated.
> Any hints?

yes, your web server is only seeing the plain HTTP traffic - all the  
SSL "stuff" got stripped at the load balancer.

You're so to speak asking to look at the post stamp of a letter, while  
you only received the content because your mail service already  
unpacked everything and dumped the envelope...


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message