>-----Original Message----- >From: Yu, Ming [mailto:[EMAIL PROTECTED]] >Sent: 12 October 2001 14:19 >To: '[EMAIL PROTECTED]' >Subject: Mod_ssl and proxypass... > > >I have a general question about SSL and Apache: I am running >Apache 1.3.20 >with mod_ssl. I created a Virtual host in the apache server > ><VirtualHost 10.0.0.1:443> >ServerName secwww.company.com >DocumentRoot=/www/docs/htdocs >SSLEngin On >. >. >. >RewriteEngin On > ><Directory ~ "^proxy:.*"> > > Order allow,deny > > Allow from all > ></Directory> > >ProxyPass /test/ http://another-machine.company.com/ > >ProxyPassReverse /test/ http://another-machine.company.com/ >. >. ></VirtualHost> > >When user browse https://secwww.company.com/test/; is >everything incrypted? >What about the proxy request from secwww.jhuapl.edu to >another-machine.company.com?
Yes, communication between the client and https://secwww.company.com is encrypted. No, communication between https://secwww.company.com between another-machine.company.com is not encrypted. If another-machine.company.com supports SSL, you can use https:// in your ProxyPass directive. The last time I looked, this was not documented in the mod_ssl documentation. - John Airey Internet systems support officer, ITCSD, Royal National Institute for the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
