Re: Apache 2.4: Proxy certificate configuration question (Apache Users)

Thanks for response.

Maybe I did not make it clear but I need to have the certificates for the
authentication between HTTP Proxy and WebServer. So HTTP Proxy shall
authenticate WebServer and vice versa with the client certificate and
the secret key.

The clients that use the HTTP Proxy shall not be involved here and
authentication shall be handled completely between HTTP Proxy and remote
WebServer.

Basically I have configured the HTTP Proxy using
SSLProxyMachineCertificateFile and it is working fine. The problem I have
is that I have certificate and key as two separate files and so I
always have to combine them into one (and rewrite key BEGIN and END to add
RSA).

​Regards

        

Markus Gausling​

2017-05-04 12:54 GMT+02:00 Marat Khalili <mkh@xxxxxx>:

You configure certificates of your proxy server exactly the same way as for web server, using SSLCertificateFile, SSLCertificateKeyFile and possibly SSLCertificateChainFile. Most likely you don't need SSLProxyMachineCertificateFile (it configures _client_ certificate of your server before other servers).

--

With Best Regards,
Marat Khalili

On 03/05/17 18:11, Markus Gausling wrote:

Hello,

when Apache is configured as a WebServer I can configure the private
key and the certificate of the server separately using
SSLCertificateFile and SSLCertificateKeyFile.

When configuring Apache as an HTTP Proxy (Reverse Proxy or Forward
Proxy) it seems I can only configure the proxy private key and
certificate if they are combined into a single PEM file with
SSLProxyMachineCertificateFile.

Is that understanding corrector is there also a way to defined key and
certificate for an HTTP Proxy configuration separately?

Regards
Markus