We do extensive multi-tenant hosting inside a single Apache instance (config) and so different virtualhosts want differential, virtualhost-specific secured proxy connections, client certificates, yes. We are probably pushing the sensible limits of what you should be doing inside a single configuration/instance though. > -----Original Message----- > From: Marat Khalili [mailto:mkh@xxxxxx] > Sent: 30 September 2016 17:33 > To: users@xxxxxxxxxxxxxxxx > Subject: Re: TLS Proxy client certificates per virtualhost > > Do you mean proxy _client_ certificates? That is, certificates for > identifying your proxy to upstream server(s)? Looks like there's indeed > no option to make them virtual-host dependent. I wonder why do you need > it. > > Local server (proxy or not) certificates can be made virtual-host > dependent using SSLCertificateFile etc. Likewise, remote server CA > certificates can be made virtual-host dependent using > SSLProxyCACertificateFile etc. > > -- > > With Best Regards, > Marat Khalili > > On 30/09/16 17:42, Mark Blackman wrote: > > Hi, > > > > What kind of options do I have if I want to use different SSL proxy > certificates for different virtual hosts? > > > > SSLProxyMachineCertificateFile is close, but only has server scope. What's > the equivalent for virtualhost context? > > > > I have a feeling I have zero options, but would like to confirm that here, > please. If so, how much work would it take to provide that? > > > > Regards, > > Mark > > > > > > > > --- > > This e-mail may contain confidential and/or privileged information. If you > are not the intended recipient (or have received this e-mail in error) please > notify the sender immediately and delete this e-mail. Any unauthorized > copying, disclosure or distribution of the material in this e-mail is strictly > forbidden. > > > > Please refer to https://www.db.com/disclosures for additional EU > corporate and regulatory disclosures and to > http://www.db.com/unitedkingdom/content/privacy.htm for information > about privacy. > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx --- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Please refer to https://www.db.com/disclosures for additional EU corporate and regulatory disclosures and to http://www.db.com/unitedkingdom/content/privacy.htm for information about privacy. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|