help on ssl configuration of forward proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

 

I’m trying to configure my apache server to be a forward proxy. And I tried to invoke some webservices with the server as a proxy.

When the webservice endpoint is in HTTP, like http://10.151.124.98:24101/TestServiceCert/TestWebServiceCert, then the client can work fine with the proxy specified.

But when the ws endpoint url is in HTTPS, https://paf.test.gemalto.com:24111/TestService/TestWebService, the client will give out error:

<Error> <Net> <BEA-000903> <Failed to communicate with proxy: gugong/8088. Will try connection paf.test.gemalto.com/24111 now.

java.net.ProtocolException: Unrecognized response from SSL proxy: 'HTTP/1.1 403 Forbidden'

    at weblogic.net.http.HttpsClient.makeConnectionUsingProxy(HttpsClient.java:458)

    at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:351)

    at weblogic.net.http.HttpsClient.New(HttpsClient.java:527)

    at weblogic.net.http.HttpsURLConnection.connect(HttpsURLConnection.java:239)

    at com.sun.xml.ws.transport.http.client.HttpClientTransport.getOutput(HttpClientTransport.java:136)

    at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:187)

    at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:124)

Here is my configuration:

Listen 10.151.124.98:8088

 

<VirtualHost 10.151.124.98:8088>

 

ServerName mmog.test

 

AllowCONNECT  8088

  ProxyRequests On

ProxyVia      on

 

SSLProxyEngine on

 

#SSLVerifyClient require

#SSLVerifyClient optional_no_ca

#SSLVerifyClient none

 

SSLProxyVerify require

SSLProxyVerifyDepth 10

 

<Proxy *>

     Order Deny,Allow

     Allow from all

</Proxy>

 

 

LogLevel debug

 

#SSLProxyMachineCertificateFile /product/gemalto/MMOG_PAF_FP/keystore/test.pem

 

SSLCertificateFile /product/gemalto/MMOG_PAF_FP/keystore/test/public.cer

SSLCertificateKeyFile /product/gemalto/MMOG_PAF_FP/keystore/test/private1.key

 

SSLProxyMachineCertificateFile /product/gemalto/MMOG_PAF_FP/keystore/test/test.pem

 

SSLProxyCACertificateFile /product/gemalto/MMOG_PAF_FP/keystore/AdminCA.pem

</VirtualHost>

 

And I see this line in the proxy server log when starting:

 

[warn] no client certs found for SSL proxy

 

Anybody can help?

Thanks.

 

BR,

Li Run


This message and any attachments are intended solely for the addressees and may contain confidential information. Any unauthorized use or disclosure, either whole or partial, is prohibited.
E-mails are susceptible to alteration. Our company shall not be liable for the message if altered, changed or falsified. If you are not the intended recipient of this message, please delete it and notify the sender.
Although all reasonable efforts have been made to keep this transmission free from viruses, the sender will not be liable for damages caused by a transmitted virus
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux