Hello, I'have already posted this message to the Apache users list, but since it is a mod-ssl related problem I try here too. I'm trying to configure apache as a SSL reverse proxy (i.e. http from browser to apache and https from apache to the remote server); everything works fine if no client authentication is required by the server. When I turn on client autentication on the server, the apache proxy process serving the request get a segmentation fault. I've read the documentation that comes with apache2, but the SSLProxy directives are not so clear to understand. For example, in order to authenticate to a server, a proxy needs a key pair (and a certificate, of course) but no directive is available to specify a key; I tried SSLCertificateFile and SSLCertificateKeyFile but these are only used if SSLEngine is on, which provokes the proxy speak SSL to clients, and doesn't resolve the problem anyway. If SSLEngine is off, apache doesn't even ask for the key file password. Here is the relevant section of the configuration file:
<IfDefine SSL> AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtin SSLSessionCache dbm:logs/ssl_scache SSLSessionCacheTimeout 300 SSLMutex file:logs/ssl_mutex SSLRandomSeed startup builtin SSLRandomSeed connect builtin ## ## SSL Virtual Host Context ## <VirtualHost _default_:80> ServerName claudio.sogei.it:80 SSLProxyEngine on SSLCertificateFile /usr/local/apache2/conf/ssl.crt/client.crt SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/client.key ProxyRequests On ProxyPass / https://ccampetto1.sogei.it/ SSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/clientcertkey.crt </VirtualHost> </IfDefine> Maybe I missed something. Can anybody enligthen me? Thanks in advance. Claudio Campetto. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
