I'm not sure about checking another authority, but suspect the configs
would be in conf/ssl.conf. For doing the reverse proxying, I edited
proxy.conf and included it inside ssl.conf. Inside proxy.conf,
statements like:
ProxyPass /cgi/ http://10.0.10.1/cgi/
ProxyPassReverse /cgi/ http://10.0.10.1/cgi/
are what accomplishes the reverse proxying. In our case, https: comes
into the proxy and we talk (behind the DMZ) http to the web servers.
Danny Kruitbosch wrote:
> Hi,
>
> We want to build the following situation:
>
> - Apache with mod_ssl as a reverse SSL proxy (Client ---> SSL/HTTPS
> ---> Rev. proxy ---> HTTP ---> Web/App server)
> - We need to check for client certificates. These certs are handed out
> by another party (not a real TTP). We need to check the signature on
> the client certs and the validity of the client certs.
>
>
> What's the best way to do this. I've read the mod_ssl manual, but I
> don't understand how I can check client certs from another (third) party.
>
> How do I setup Apache as an SSL reverse proxy?
>
> Any help on this would be great!
>
> Cheers,
>
> Danny Kruitbosch
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
--
.tom
--
.tom
http://isectd.sourceforge.net
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
