As an Apache2/mod_proxy user (not developer), I can speak for the following:
> 1) SSL proxying. Due to security policies, we have a number > of back end app servers that require SSL from the client to > the server. Therefore SSL based proxying is a requirement. I > have never seen a definitive statement as to whether SSL > proxying is supported, but I've seen indications it is not, > and confirmed in my tests that it did not work. Is there any > plans to implement this feature? We're using Apache2 mod_proxy as a reverse proxy with mod_ssl enabled, proxying to a back-end WWW server over https. My understanding is that the proxy is an SSL termination point, and it then opens a new SSL connection to the back-end. You need to install certs on both Apache and the back-end (although they can be the exact same cert.) You also need to specify the "SSLProxyEngine On" directive in your httpd.conf file. A fact that you should also be aware of is that, technically speaking, the request/response are being decrypted and re-encrypted in the Apache mod_proxy process before being proxied onward to network. Theoretically, this exposes you to man-in-the-middle issues... so good host security and the latest patches are essential. cheers Eric
