On Wed, Jul 24, 2002 at 05:45:15PM -0500, David Iungerich wrote: > Thanks Daniel. What all is needed as adjustments to my conf file? As I > understood it, there was an issue with Apach taking an http POST reqest and > encrypting it with a given cert, then sending it along via https. If you > could tell me exactly what I need version-wise and what to add/change in a > standard conf file, I'd greatly appreciate it.
I am not sure I understand what you mean with "encrypting it with a given cert". I am guessing it means that your client must present a specific client certificate to the remote server. This SSL functionality was present in mod_ssl versions for 1.3 if you compiled with SSL_EXPERIMENTAL flag, but was not working very well. Apache 2.0 includes robust support for that functionality (thanks to Doug MacEachern of mod_perl fame) and I recommend you use that. The directive you want is SSLProxyMachineCertificateFile, for specifying the client certificate(s) to present to the remote server. It is not documented currently on the Apache project, but take a look at : http://www.covalent.net/support/docs/faststart/2.0.0/userguide/html/sslconfigure.php#1138492 Hope it helps Daniel > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Daniel Lopez > Sent: Wednesday, July 24, 2002 4:30 PM > To: [EMAIL PROTECTED] > Subject: Re: http to https forward > > > > > yes, that is correct. I meant http to https. So, there is no way to do > > this with existing mods? I have to use something else? Java or Python > > program? Anyone already have anything? > > You can already do it with Apache 2, and I am pretty sure you can do it with > Apache 1.3 too. The directives are just not documented, I am working on a > patch for the docs. But you are able to do > > SSLProxyEngine on > ProxyPass / https://some.host.com > > And you can also use other SSLProxy* directives like SSLProxyVerify, etc. > > Daniel > > -- > Teach Yourself Apache 2 -- http://apacheworld.org/ty24/ > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
