As far as I know, the certificate doesn't go past the Pound server. Pound is in charge of all the encrypting/decrypting, and passes the "plain" request to the backend. So, the cert is NOT installed on the backend servers.
What pound can do though is add a header that says weather HTTPS was used in the original request or not. You can find some examples if you do a search for something like "front-end-https: on" or something like that. I know that's how some people have implemented it. Alfonso Espitia, Senior Web Developer direct 919.657.6933 | e-mail [email protected] Castle Worldwide, Inc. | 900 Perimeter Park Drive, Suite G | Morrisville, NC 27560 USA www.castleworldwide.com | main 919.572.6880 | fax 919.361.2426 This e-mail message is confidential and is intended only for the named recipient(s) above. If you are not an intended recipient, you are hereby notified that any dissemination, distribution, or copying of this e-mail and any attachment(s) is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender by replying to this e-mail and delete the message and any attachment(s) from your system -----Original Message----- From: Rob Moore [mailto:[email protected]] Sent: Friday, September 24, 2010 10:23 AM To: pound Subject: [Pound Mailing List] Client certs and HTTPS Backends I couldn't find any documentation on this in the latest man page or on the list so thought I'd ask. Is the client certificate passed via HTTP headers to the HTTPS backend (just as it would be to an HTTP backend) or is it used directly in the request to the HTTPS backend (as it would be if the browser connected directly to the backend without Pound)? I'm assuming the former but wanted to confirm. Thanks, Rob -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions. -- This message has been scanned for viruses and dangerous content by SecureMail, and is believed to be clean. -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
