My situation:
browser <-https-> proxy <-https-> SSL Server
A RewriteRule on proxy (mod_ssl+mod_proxy):
RewriteRule ^/(.*) https://server.intern/$1 [P]
mod_proxy/mod_ssl acts as a SSL client.
How I can control on proxy , whether the connected SSL server (in the
example server.intern) is trusted or not ?
mod_ssl on proxy seems to accept any (not expired) certificate from
server.intern, not doing the checks a browser does, as they are
- "Certifcate Subject CN" identical to "server name" from URL
- a trusted CA in the chain of certificate presented by server
(SSLCACertificatePath seems only to effect Client authentication)
--Michi
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
