Graham, Thanks for the response... :)
> > 1. Use the ProxyPass and ProxyPassReverse directives to authorize > > connections, and requiring client certs to authenticate to the server. > > This should work fine. Nope. The problem with this one is that the machines being proxied to aren't reachable from the outside world; it seems that the proxypass directives simply redirect the request, rather than doing a rewrite on the URL on both sides of the connection. So, when I would go to: http:/proxy/foo, where we have: ProxyPass /foo https://foo I get the browser/traffic redirected to https://foo (which is unavailable). > > 2. Using a normal SSL page to authenticate via client certs, and using an > > .htaccess file in the DocRoot of the proxy server to auth IP addresses. > > This won't work - as there is no concept of a root directory for a > proxied server. Put your directives within a <Location> tag in the main > server. This sounds promising; the question, then, is what location to point at to have the proxy reference the .htaccess file. Thanks, Mike -- | Mike Murray <[EMAIL PROTECTED]> | Scientific Technologist http://www.nCircle.com | nCircle Network Security 510.597.2656 [Office] | 415.305.0859 [Mobile]
