Hello!
I wonder if it is possible to do https proxying (not tunnelling) with Apache
and Mod_ssl.
By proxying I mean that :
the client speaks http ONLY
the proxy server converts to https:// and handles de connection to the
destination (or the reverse proxy on the server side).
The benefits are:
- caching : as the proxy is the SSL endpoint it decrypts and thuis should be
able to cache
- no need of extra packages on the client desktops if the requested
encryption (requested by the target SSL server) is strong
- no encrypted traffic crossing the organization boundary (assuming that the
proxy is at the boundary).
The drawback is that the local (between the client and the local proxy) net
must be trusted.
Any idea on how to set that config up with Apache? As of today I already
have https tunnelling working fine. And I've already done that with a
commercial product, in a previous life...
####################################################################
Jean-Pierre Morant
OLAF - Security & Network Management
Office: +32 (0)2 2996751
Mobile: +32 (0)478 201505
Fax: +32 (0)2 296085
[EMAIL PROTECTED]
[EMAIL PROTECTED]
#include <std.disclaimer.h>
#define MOTTO "La vie serait tellement plus belle \
si seulement nous avions les sources!"
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
