Hello,
I have discovered some strange behavior using mod_proxy with SSL Client
Authentication.
We are talking about the following scenario:
Component: Web Browser --- Proxy (mod_proxy) --- Web Server
SSL Role: SSL Client --- SSL server | SSL Client --- SSL Server
Let's have a look at the second part of the connection:
Component: mod_proxy --- Web Server
SSL Role: SSL Client --- SSL Server
In my scenario the Web server requires a SSL Client Certificate from
mod_proxy.
I figured out that providing both, client certificate and private key, in a
file referenced by SSLProxyMachineCertificateFile makes this scenario
working.
This brings up some questions to me:
Why aren't there two options like SSLProxyMachineCertificateFile,
SSLProxyMachineKeyFile for separated certificate and key files?
Is there a way to provide several certificate/key pairs?
The Apache documentation (www.apache.org) describes SSLProxy* as part of
mod_ssl. Why isn't there any information about SSLProxy* on www.modssl.org?
(Probably Ralf Engelschall can explain this.)
Is this Apache 2.0 feature available in Apache 1.3 too?
I think the current documentation of SSLProxyMachineCertificateFile is at
least misleading.
Regards,
Maik
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
