Hi,
At this moment we are using a apache configured as proxy to another
secure apache server, but now for security reasons only https is not
enough. We must now use certificates.
In my mind this means our apache proxy is the client to the secure
server and thus needs a client certificate, I tried to configure this
in apache
(snippet from httpd.conf)
.
SSLProxyEngine On
SSLProxyMachineCertificateFile ssl/client.crt
..
When I try to start the apache server then the following message appears in the error log:
[Thu Mar 31 10:50:07 2005] [info] Init: Initializing OpenSSL library
[Thu Mar 31 10:50:07 2005] [info] Init: Seeding PRNG with 0 bytes of entropy
[Thu Mar 31 10:50:07 2005] [info] Loading certificate & private key of SSL-aware server
[Thu Mar 31 10:50:07 2005] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Thu Mar 31 10:50:09 2005] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Thu Mar 31 10:50:09 2005] [info] Init: Initializing (virtual) servers for SSL
[Thu Mar 31 10:50:09 2005] [debug] ssl_engine_init.c(405): Creating new SSL context (protocols: SSLv2, SSLv3, TLSv1)
incomplete client cert configured for SSL proxy (missing or encrypted private key?)
Does somebody know how to solve this problem or have a complete
procedure for installing a client certificate in Apache (preferrable
also how to create the client certificate)
Br,
Sarris Overbosch
Printer kiezen? Overtuig uzelf! Wij zijn zo overtuigd over de kwaliteit van onze Canon printers dat wij u de mogelijkheid bieden deze GRATIS te proberen.
