On Wed, Jun 25, 2014 at 5:53 PM, Marc Schöchlin <ms@xxxxxxxxxx> wrote: > in my understanding authentication using client certificates is just a > cryptographic validation of a public/private keypair over a already > established ssl-secured channel. > For example, it is possible to use a official certificate for the ssl > channel and my own ca for client certificate validation. It's part of the handshake, which can be later scrutinized by the application layer. However, there is no standard way to share the the client certificate authenticated by a proxy with a backend origin server, and no way at all that mod_ssl is willing to receive (that I am aware of) -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|