httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Markus Gausling <markusgausl...@googlemail.com>
Subject Re: [users@httpd] Apache 2.4: Proxy certificate configuration question
Date Thu, 04 May 2017 11:54:03 GMT
Thanks for response.

Maybe I did not make it clear but I need to have the certificates for the
authentication between HTTP Proxy and WebServer. So HTTP Proxy shall
authenticate WebServer and vice versa with the client certificate and
the secret key.

The clients that use the HTTP Proxy shall not be involved here and
authentication shall be handled completely between HTTP Proxy and remote
WebServer.

Basically I have configured the HTTP Proxy using
SSLProxyMachineCertificateFile and it is working fine. The problem I have
is that I have certificate and key as two separate files and so I
always have to combine them into one (and rewrite key BEGIN and END to add
RSA).

​Regards
Markus Gausling​


2017-05-04 12:54 GMT+02:00 Marat Khalili <mkh@rqc.ru>:

> You configure certificates of your proxy server exactly the same way as
> for web server, using SSLCertificateFile, SSLCertificateKeyFile and
> possibly SSLCertificateChainFile. Most likely you don't need
> SSLProxyMachineCertificateFile (it configures _client_ certificate of your
> server before other servers).
>
> --
>
> With Best Regards,
> Marat Khalili
>
> On 03/05/17 18:11, Markus Gausling wrote:
>
> Hello,
>
> when Apache is configured as a WebServer I can configure the private
> key and the certificate of the server separately using
> SSLCertificateFile and SSLCertificateKeyFile.
>
> When configuring Apache as an HTTP Proxy (Reverse Proxy or Forward
> Proxy) it seems I can only configure the proxy private key and
> certificate if they are combined into a single PEM file with
> SSLProxyMachineCertificateFile.
>
> Is that understanding corrector is there also a way to defined key and
> certificate for an HTTP Proxy configuration separately?
>
> Regards
> Markus
>
>
>

Mime
View raw message