Hi all, I am trying to connect an httpd reverse proxy to a backend tomcat, and have this particular hop protected by a client certificate.
The error I get is:
[Sat Jan 05 14:02:54.252552 2019] [ssl:warn] [pid 16448:tid 139929388369664]
AH02268: Proxy client certificate callback: (jira.example.com:443) downstream
server wanted client certificate but none are configured
Ok, so httpd is telling me that the tomcat has requested a client certificate
(entirely true) but httpd is not configured with a client certificate.
Except httpd is configured with a client certificate, as follows:
SSLProxyEngine on
SSLProxyMachineCertificateFile /etc/pki/httpd/client.cert
SSLProxyMachineCertificateChainFile /etc/pki/httpd/client.chain
SSLProxyCACertificateFile /etc/pki/httpd/client-ca.crt
SSLProxyVerify require
SSLProxyVerifyDepth 3
Does this functionality work in httpd v2.4.35, or is it configured incorrectly?
(As soon as I can get this working, I would like to fix our docs to be clear
how to do this)
Regards,
Graham
—
smime.p7s
Description: S/MIME cryptographic signature
