Hi Marc, Zitat von Marc Schöchlin <ms@xxxxxxxxxx>:
Hello apache-users, i'm trying to implement client certificate authentication behind a f5 loadbalancer. My loadbalancer terminates ssl, and dispatches the decrypted communication via network address translation to the backend apache server. The client certificate auth should be performed at the webserver. Unfortunately the "SSLVerifyClient" directive is ignored and access is always granted. It seems that without enabled ssl transport encryption, the logic for "SSLVerifyClient" is deactivated. Any hints?
yes, your web server is only seeing the plain HTTP traffic - all the SSL "stuff" got stripped at the load balancer.
You're so to speak asking to look at the post stamp of a letter, while you only received the content because your mail service already unpacked everything and dumped the envelope...
Regards, Jens --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|