Actually I am using scheme like this one for redirecting public SSL
connection to my internal none SSL network:
internet >-- HTTPS --> apache proxy >-- HTTP --> internal network web
server
My SSL & Proxy related directives are:
ProxyVia Block
<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfDefine>
<IfModule mod_ssl.c>
SSLSessionCache dbm:/some_where/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/somew_here/ssl_mutex
SSLRandomSeed startup builtin
SSLLog /http_dlog_place/ssl_engine_log
SSLLogLevel info
</IfModule>
Listen x.x.x.x:y
<VirtualHost x.x.x.x:y>
ServerName x.x.x.x
<IfDefine SSL>
SSLEngine on
SSLCertificateFile /some_where/my.crt
SSLCertificateKeyFile /some_where/my.key
</IfDefine>
<Location />
<IfDefine SSL>
SSLRequireSSL
</IfDefine>
Order allow,deny
Allow from c.c.c.c/m mydoman.com
</Location>
ProxyRequests Off
ProxyPass / http://z.z.z.z/path/
</VirtualHost>
My clients are enabled for specific network (c.c.c.c/m) and domains
(mydomain.com).
They have to point to https:/x.x.x.x:y/
You cam miss y if you are running SSL enabled HTTPD on port 443
Rossen
[EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
01/20/00 02:53 AM
Please respond to modssl-users
To: [EMAIL PROTECTED]
cc:
Subject: AW: ssl & proxy .. again
.. could you please tell me how you configured your apache? Im using the
same versions, and SSL is running.
How do you configure your clients?
Thanx,
Andreas
> -----Urspr> �ngliche Nachricht-----
> Von: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
> Gesendet am: Mittwoch, 19. Januar 2000 22:48
> An: [EMAIL PROTECTED]
> Betreff: Re: ssl & proxy .. again
>
> Hi,
>
> Is you apache SSL enabled?
> I've configuration like this one but without usage of authorization an
it
> works fine for me.
> I am using apache 1.3.9, mod_ssl 2.4.10 and openssl 0.9.4.
>
> Rossen
>
>
>
>
>
> [EMAIL PROTECTED]
> Sent by: [EMAIL PROTECTED]
> 01/19/00 11:57 AM
> Please respond to modssl-users
>
>
> To: [EMAIL PROTECTED]
> cc:
> Subject: ssl & proxy .. again
>
> Hi there,
>
> in the mail archive I found a discussion about using a https connection
> from browser to proxy, regardless of the request type. ( browser <- ssl
> -> proxy <- whatever -> server).
>
> Actually, I am trying to set this up myself, without success so far, and
> would like to ask, if it can be done somehow.
>
> The reason for doing this is, that I want my users to authenticate
against
> apache through some module ( mod_auth_nds, actually, but it could be any
> auth module ) and by their authentication / authorization define, how ca
> use which Internet resources.
> I do not want their NDS password going over the net in plain text,
though.
>
> Does anybody know, if / how this can be accomplished?
>
> regards,
>
> Andreas
>
>
> [EMAIL PROTECTED]
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
>
>
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
