httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: [users@httpd] Client certificate auth behind f5 loadbalancer
Date Wed, 25 Jun 2014 22:05:18 GMT
On Wed, Jun 25, 2014 at 5:53 PM, Marc Schöchlin <ms@256bit.org> wrote:
> in my understanding authentication using client certificates is just a
> cryptographic validation of a public/private keypair over a already
> established ssl-secured channel.
> For example, it is possible to use a official certificate for the ssl
> channel and my own ca for client certificate validation.

It's part of the handshake, which can be later scrutinized by the
application layer.

However, there is no standard way to share the the client certificate
authenticated by a proxy with a backend origin server, and no way at
all that mod_ssl is willing to receive (that I am aware of)

-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message