On Mon, May 28, 2012 at 3:53 PM, Duarte Silva <duarte.si...@serializing.me> wrote: > Hi all, > > I know this should be imposssible ("sounds" to me like a MITM), but bare with > me for a second and please tell me if this is in any way possible: > > Client (HTTPS request) -> Apache (Forward Proxy) -> Server (HTTPS) > \___________________/ > \/ > Sends the client certificate on behalf of > the client > > > Note that the client is able to create SSL connections but it is not able to > send client certificate. Since the Apache is the one openning the connection > to the end Server, isn't there a way to force Apache to send a specific client > cert (the handshake is done in the Client even though the server is? > > If it isn't, is there any alternatives that do this? Maybe if it was a > transparent proxy? >
http://httpd.apache.org/userslist.html