Hello, I’m trying to setup a proxy server which selects the correct certificate based on destination IP-address. I’m using apache 2.4 on CentOS 6.6. I’m using the following configuration: <VirtualHost *:3128> SSLProxyEngine On SSLProxyVerify require SSLProxyVerifyDepth 10 <If "%{REMOTE_ADDR} -ipmatch '192.168.0.0/24'"> SSLProxyMachineCertificateFile /etc/pki/tls/certs/example.com.cer SSLProxyCACertificateFile /etc/pki/tls/certs/ca.cer </If> <Else> SSLProxyMachineCertificateFile /etc/pki/tls/certs/example.org.cer SSLProxyCACertificateFile /etc/pki/tls/certs/ca.cer </Else> RewriteEngine On RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [NC,P] ProxyPreserveHost On ProxyPass / https://$1/ ProxyPassReverse / https://$1/ </VirtualHost> But I’m getting the following error when I start the httpd service: Starting httpd: AH00526: Syntax error on line 8 of /opt/rh/httpd24/root/etc/httpd/conf.d/forward_ssl_proxy.conf: SSLProxyMachineCertificateFile not allowed here [FAILED] Can someone help me how to achieve my goal by using the correct certificate based on destination address? With kind regards, Abdelouahed |